Including its source code. Change your passwords and add two factor authentication if you haven't.
Then take a look at what everybody earned from Twitch since October 2019.
It also references a potential Amazon competitor to Steam apparently.
Including its source code. Change your passwords and add two factor authentication if you haven't.
Then take a look at what everybody earned from Twitch since October 2019.
It also references a potential Amazon competitor to Steam apparently.
The biggest risk is really whether they chose to prioritize security or just left it up to tiny budgets and middle management, which I would say is the usual standard. Security best practices are for the cool kids that care about it enough to actually do it and you won't know about the worst ones until things like this happen. There's basically no punishment for it, either.
It's Twitch, they definitely skimped on security.
No disagreement there (and I haven't looked through their code so what do I know), but you would have to go out of your way to screw up password hashing. I don't see how there's any way a company like Twitch, whose engineering team is known for being good at what they do, wouldn't lock that down.
The way to screw it up is to do it 5+ years ago and use a library that doesn't automatically use bcrypt or similar, but forces you to personally choose to salt and hash as a design decision (or by default just not do that). I've seen no salt + md5sum before, lol.