Amazon's Twitch hacked, source code & financial details published

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

The entire Twitch source code, user comment history, and detailed financial records has reportedly been posted online by an anonymous hacker.

Twitch is the video and gaming service owned by Amazon. Now the entirety of its source code for the service, its mobile, desktop and client apps, and an unreleased Steam competitor, have been leaked.

According to VGC, the files were leaked to 4chan by an anonymous hacker. The person said the leak was meant to "foster more disruption and competition in the online video streaming space [because Twitch's] community is a disgusting toxic cesspool."

VGC has confirmed that the hacker's files are publicly available on 4chan. An anonymous source within Twitch has further confirmed that the files are genuine.

According to the hacker and Twitter users who have started to examine the files, the data leaked comprises at least:

  • All Twitch source code
  • Comment history "going back to its early beginnings"
  • Financial details including creator payouts since 2019
  • Source code for Twitch apps including Apple TV
  • An as-yet unreleased Steam competitor
  • Internal security tools
  • Proprietary SDKs, internal Amazon Web Services tools

The Steam competitor is called Vapor, and is made by Amazon Game Studios. There's also reportedly an associated Vapeworld, possibly a chat service intended to integrate with Vapor.

Some users are claiming that encrypted passwords are also included in the hack.

Assuming it is accurate, the leaked data has revealed the money that companies such as CriticalRole, have earned from Twitch.

The original version of Twitch launched in 2011, and was bought by Amazon in 2014. Among its client apps are a long-running iOS app, a client for the Mac, and most recently Apple TV.

Update 11:37 AM Eastern time: In a Tweet, Twitch has confirmed the breach, but has not as of yet commented on the magnitude of what it believes was stolen.