back to article Twitch stitch-up: Gaming vid streamers in data breach hack alert

Gameplay-streaming upstart Twitch thinks hackers may have harvested its user accounts for private information – and has reset people's passwords as a precaution. The San Francisco-based startup, which lets people stream videos of themselves playing games to online spectators – said it has also voided all stream keys, and …

  1. Anonymous Coward
    Anonymous Coward

    this is why we can't have nice things.

  2. Term

    Easy Peasy

    "El Reg would suggest that if you haven't already, this is a good excuse to adopt a unique password for every site."

    Because remembering 50+ passwords, all with upper/lower case, numbers and symbols and not based on dictionary words is EASY!

    1. BinkyTheHorse

      Re: Easy Peasy

      On the Internet, no one can hear you sarcasm.

    2. Captain Scarlet

      Re: Easy Peasy

      Yes but after changing lots of passwords for the fifth time many years ago I got fed up.

      I now have two passwords, one which unlocks my password file in a popular password utility and the other a popular email service. If I lose both I am well and truly screwed.

      1. War President

        Re: Easy Peasy

        Logical, but a password utility doesn't work so well when you don't have access to it. I use an organically stored algorithm along with partial site name and one of two passphrases to generate the password on the fly. One passphrase for things linked to banking/financials, another for less important stuff. Oh, plus another wholly made up password for email. Works well until the hardware goes bad. :)

        1. Captain Scarlet

          Re: Easy Peasy

          Yes buts its good for stopping me randomly buying stuff from <Insert popular tat flogger> when drunk

    3. Anonymous Coward
      Anonymous Coward

      Re: Easy Peasy

      Password managers are though.

  3. Peter 26

    There needs to be a standard we were hacked announcement including certain details. The two main things I want to know are:

    What algorithm was used for encrypting the passwords?

    Were the passwords individually salted?

    Maybe they don't include these details because they don't want to confuse the public, but the cynic in me says they don't include these details because they are too embarrassed to admit they weren't.

    1. lglethal Silver badge

      Wouldnt have helped...

      If you read the article (and some other articles I've read seem to confirm this), then you'll see that the hackers took over the login webpages. Thus the passwords were grabbed before they were encrypted, similar to if someone had a keylogger installed on your computer.

      From the details I read on a different website (but dont take this as confirmation) it seems that the hackers had the website under control for 1 day (March 3rd), but until some more details come out, that might turn out to be an underestimate...

      Still, annoying for those people who use Twitch...

      1. NotWorkAdmin

        Still, annoying for those people who use Twitch...

        Indeed. Just got the email and came here first to see whether it was just me. Apparently not eh?

  4. Ben Rose

    Thankfully not signed up to Twitch, I've got enough trouble with El Reg leaking my personal details to third parties.

  5. jonfr

    The email message

    I got this email message also. I had assigned Twitch its own password, but the email address is shared among several thing. I don't plan on closing down that email address unless I start to get massive amount of spam emails.

    I did change the password for security reasons. I don't remember if I logged into Twitch on 2 and 3rd March.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like