Twitch resets user passwords following breach

Twitch, the Amazon-owned game video streaming service, has reset passwords for all its users after warning of a security breach that may have allowed hackers to access user names, passwords, and other personal information.

According to a blog post Twitch published Monday evening, current passwords have been expired and users will be required to create a new one the next time they log in. Accounts have also been disconnected from Twitter and YouTube. As is standard practice, anyone who used the same password for multiple services should assume it's compromised and create a new and unique passcode for each property. Credit card data was not affected, the company said.

Monday's advisory provided few details. E-mails sent to users said hackers may have gained unauthorized access to Twitch usernames and associated e-mail addresses, encrypted passwords, the last IP address users logged in from, and—for users who provided such information—first and last names, phone numbers, addresses, and dates of birth. According to a report from Venturebeat, a separate e-mail sent only to select users provided an intriguing additional detail. "While we store passwords in a cryptographically protected form, we believe it's possible that your password could have been captured in clear text by malicious code when you logged into our site on March 3rd," it said.

Read 2 remaining paragraphs | Comments