Amazon’s game streaming service Twitch was hacked on Monday—making it the latest in a seemingly endless string of high-profile data breaches. Amazon released an email to its users confirming the hack and its security measures to contain it.
The statement reads “We are writing to let you know that there may have been unauthorized access to some Twitch user account information. For your protection, we have expired passwords and stream keys and have disconnected accounts from Twitter and YouTube”.
Twitch users will now receive notification emails directing them to reset passwords before they’ll be able to regain entry to their accounts. Furthermore, users who connected accounts to social media platforms—Facebook, Twitter etc.—will have to go through the connection process again once passwords have been set.
The Twitch blog statement includes the following guidance for creating secure passwords:
In order to create a secure password, we suggest you use a long random character string with a mix of character types (letters, numbers, symbols). To make it easy to remember, feel free to use words from the dictionary with multiple uncommon string substitutions.
Bad: Applesauce1! – You’re using different character types, but the majority of the password is a single word from the dictionary
Okay: ILoveGreenApplesauce – You’re using multiple words and lots of characters, but the words are too common.
Good: !70v3Gr33n@pple$auce? – You’re using multiple words and lots of characters with uncommon substitutions. Good job.
Best: Use a reputable password manager with a random password generator.
Amazon initially set complex password requirements to help users create new passwords that are very secure. In the wake of user complaints, though, Amazon reduced the password length requirement to a minimum of eight characters.
Twitch is a gaming platform that lets users watch other users play games and also listen to music via its music category. Twitch was acquired last year by Amazon for $970 million.
No further information was provided on the nature of the attack, the affected users or its origins. Twitch users who may have something to add to the story should not hesitate to contact us.