Twitch Hacked: How to Protect Your Account Information From Leaks

Twitch representatives have now confirmed that the streaming platform recently suffered a potentially massive security breach that may have exposed a significant amount of the company’s internal data and source code information.

We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.

— Twitch (@Twitch) October 6, 2021

While we are still waiting for official confirmation regarding the extent of this breach, initial reports suggest that it is one of the biggest tech hacks in recent memory. There will certainly be more to say about this story in the coming days and weeks, but the one thing you absolutely need to know right now is that this breach represents a potential security risk for Twitch users everywhere.

At the moment, it does sound like there is a strong possibility that user account information may have been exposed via this breach. While it’s not entirely clear how much information may have been leaked, Twitch officials and security experts are already advising everyone to take basic precautions in order to protect themselves against what could prove to be a significant event.

That being the case, here’s what you need to know about protecting your personal information on Twitch.

How to Change Your Twitch Password

The first thing you should do after any security breach is change any passwords associated with the affected site. Here’s how you change your Twitch password:

1. Go to Twitch and click on your profile icon (it should be near the top right of the website).
2. Choose the “Settings” option.
3. Navigate to the “Security and Privacy” tab and choose the “Change Password” option under “Security.”
4. Enter your old password and choose (then confirm) your new password. Twitch will contact you via email or phone for confirmation of this password change.
5. You’re done!

As always, it’s also a good idea to see if you’re currently using your potentially exposed Twitch password on other websites and change them there as well.

How to Set Up Two-Factor Authentication on Twitch

You’re probably tired of hearing it, but setting up Two-Factor Authentication really is one of the best basic security steps you can take to protect your personal information online. Here’s how you set up 2FA on Twitch:

1. Make sure the email address associated with your Twitch account is verified. To see if your email is verified, go to the “Security and Privacy” tab of your Twich profile. If you see a message that says your email hasn’t been verified yet, follow the steps provided by Twitch via that message to verify it now.
2. Once your email is verified, go back to the “Security and Privacy” tab in the “Settings” section of your profile. There, look for the “Set-Up Two Factor Authentification” button.
3. Select “Enable 2FA” if it is not currently enabled on your profile.
4. Enter your preferred account phone number followed by the authentifaction code Twitch will send to that number.
5. From here, you will need to complete your 2FA set up via an authenticator app or SMS message. If you’re using an authenticator app, you’ll need to use that app to scan the QR code provided by Twitch. If you prefer to receive an SMS message for verification (or if you’re setting up 2FA via the Twitch mobile app) then you can select that option instead.
6. 2FA should now be enabled for your Twitch account, which also means you’ve just gained access to six exclusive 2FA emotes!

How to Reset Your Stream Key on Twitch

Your Twitch Stream Key is essentially an ID number that allows you to link your Twitch account to your preferred broadcasting software. If you’ve ever streamed on Twitch (or if you’ve ever set up a creator account via the platform), it might be a good idea to reset your current Stream Key by following these steps:

1. Log into your Twitch account and open the “Creator Dashboard” via your Profile.
2. In the Creator Dashboard menu, select the “Preferences” option followed by “Channel.”
3. Under the “Stream Key & Preferences” section that appears, you should see a menu called “Primary Steam Key.” Click the Reset button next to that key.
4. Choose the “Show” option to display your new Stream Key. You’ll then need to copy and paste this key to your prefferred broadcasting software.

Please keep in mind that resetting your Twitch Stream Key should not cause you to lose any important information, but it might be a good idea to test the new key just to be safe.

How to Change and Remove Payment Information on Twitch

While it’s not entirely clear at this time whether or not personal payment information has been exposed via this recent Twitch breach, it’s never really a bad idea to change and remove any existing payment information that may be associated with your potentially vulnerable account. Here’s how you do that:

1. Go to your Twitch profile and open the “Wallet” section.
2. This will show you the history of your Twitch transactions to-date as well as the current payment information you have saved to your Twitch account. For the moment, let’s focus on the latter.
3. Under “Saved Payment Methods” you can choose to “Delete” any credit cards or similar payment info that is currently linked to your Twitch account.

Please note that removing an existing saved payment method means that you will not be able to automatically update/renew any channel subscription associated with that payment method and you will not be able to receive any regular “Bits Auto-Refills” associated with that payment method. However, you will still be able to manually subscribe to channels and purchase/donate Bits without saving payment information to your account.

It might also be worth mentioning that this section of your profile lets you view your Twitch transaction history. While this section will not tell you if any payment information that was potentially taken from your Twitch account has been used outside of the website, it will let you see if anyone has made unauthorized Twitch purchases with your account or payment information.

General Security Tips for Your Twitch Account

Finally, here are a few general security tips that might help you better protect your Twitch account now and in the future.

• Don’t use your real birthday on your Twitch account. Your birthday is one of the most common online security pillars, and some people still use it as the basis of their passwords and pins.
• If you’re streaming, be very careful with what personal information you may directly or accidentally share (espcially information related to your location).
• While they’re conienent, you may want to disable any recurring Twitch subscriptions in order to reduce your depenance on saved payment information.
• Always use complicated passwords and 2FA.
• Regularly check your Twitch transaction history for any transactions you did not make.
• Keep an eye out for any security breaches via Twitch or on any digital platforms that share peronsal information you also use on your Twitch account. When these breaches happen, it’s time to change or remove as much shared information as possible.