People

Fallout from the Twitch data leak is already severe, and it’s going to get worse

A massive gaming breach has exposed some of Twitch's most sensitive data, and nobody is happy.

Twitch app with leaky faucet on side

Twitch is now dealing with the fallout from arguably its most severe data breach to date.

Image: Christopher T. Fong/Protocol

Twitch on Wednesday disclosed a data breach, and it was far from an average, run-of-the-mill leak. This breach involved hundreds of gigabytes of sensitive company data, including platform source code, internal tooling and future product plans, like an Amazon-owned competitor to Valve's Steam marketplace codenamed "Vapor."

Yet perhaps the most sensitive leaked info, and from which we can expect the most fallout, is more than two years' worth of data pertaining to streamer payouts on the platform. Internet sleuths and other curious onlookers have already begun compiling this data into neat spreadsheets and working to verify it against publicly available info. All signs right now point to it being legitimate, though with some unexplained discrepancies. Twitch has yet to confirm the data's veracity.

Streamer earnings are a sensitive subject. The streaming landscape is quite new compared to the world of traditional celebrity, and much of it depends on a streamer's ability to cultivate a daily friendlike fandom with internet strangers. So it's come as a shock to some to see just how wealthy Twitch personalities are, and it's sure to complicate Twitch's relationship with creators and those creators' relationships with their fans.

  • The leak contains earnings stretching back to at least August 2019. It includes Twitch subscriber revenue after the platform's 50% cut, and ad revenue, although the leak does not contain data on sponsorships, donations, merchandise or other financials that we know of right now. (The alleged hacker's messaging suggests more leaked data may be on the way.)
  • Twitch, like YouTube, has become a burgeoning creator ecosystem that largely advertises itself as a neutral platform where any one streamer can make it big through hard work, long hours and community building.
  • However, Twitch also cuts lucrative deals with streamers, often renegotiating the cut it takes on subscriptions and the amount of money it may pay them upfront to stay on Twitch and not leave for YouTube or Facebook. Having streamer payouts laid bare may impose pressure on Twitch when negotiating such deals and make it potentially more difficult for streamers to cut competing deals.

The thief is on what sounds like a moral crusade. This wasn't just an unprotected database that was easy for all to find. Twitch now says a server configuration change left the data exposed to a malicious third party, which deliberately stole it and then posted it as a link on infamous internet forum 4chan with the intent to "foster more disruption and competition in the online video streaming space," the anonymous poster wrote.

  • Twitch has become embroiled in a series of controversies over the last few years, ranging from its handling of harassment and music copyright strikes to the amount of support it gives certain big-name streamers over smaller creators. In late August, Twitch members organized a boycott of the platform over so-called "hate raids."
  • The 4chan poster, whose role in the hacking is unclear, referred to Twitch as a "disgusting toxic cesspool" and the leak, labeled "day one," may be the beginning in a series of related data dumps.
  • Despite the grand intentions, the leak exposes streamers to potential financial security and personal safety threats now that part of their net worth has been made public without their consent, as Motherboard reported Wednesday.

Some streamers are open about how much money they make. Political commentator Hasan Piker, who the data indicates was the 13th highest-paid streamer since 2019, glibly wrote on Twitter, "Can't wait for [people] to be mad at me about my publicly available sub count again," because Piker opts to make this information available to anyone who views his streams. Many others, however, do not, in part because it can complicate one's public image.

  • The leak indicates 81 Twitch streamers have made more than $1 million from the platform in the last two years. Much like YouTube, these streamers can afford to stream for hours every day and can in the process become veritable and wealthy internet celebrities.
  • The streaming ecosystem is imbalanced, with a vast majority of streamers making close to no money and streaming to anywhere from zero to 10 viewers on average. Smaller streamers have often complained about the struggles to attain viewership and exposure on Twitch, given the platform's organization around a small handful of the most popular video games and streamers.
  • Knowing payout information in blunt dollar figures will likely complicate an already-fragile landscape where most of the money flows to the top and breakout successes are relatively rare. Comparing streamers' relative financial health and arguing over who "deserves" more or less money is already rampant on social media.

Twitch is now in the uncomfortable position of trying to investigate this leak and how it happened, combat future breaches down the line and regain the trust of its community all at the same time. It's not clear right now how this data, regardless of its accuracy, will be weaponized and how it might influence the platform's online and offline dynamics. But this information, once a closely guarded company secret, is now out in the open, and there's no turning back.

Update Oct. 7, 10:45AM ET: Added additional information about the breach from Twitch.

A version of this story will be in tomorrow's Source Code newsletter. Sign up here to get it in your inbox every day.

Enterprise

How I decided to leave the US and pursue a tech career in Europe

Melissa Di Donato moved to Europe to broaden her technology experience with a different market perspective. She planned to stay two years. Seventeen years later, she remains in London as CEO of Suse.

“It was a hard go for me in the beginning. I was entering inside of a company that had been very traditional in a sense.”

Photo: Suse

Click banner image for more How I decided seriesA native New Yorker, Melissa Di Donato made a life-changing decision back in 2005 when she packed up for Europe to further her career in technology. Then with IBM, she made London her new home base.

Today, Di Donato is CEO of Germany’s Suse, now a 30-year-old, open-source enterprise software company that specializes in Linux operating systems, container management, storage, and edge computing. As the company’s first female leader, she has led Suse through the coronavirus pandemic, a 2021 IPO on the Frankfurt Stock Exchange, and the acquisitions of Kubernetes management startup Rancher Labs and container security company NeuVector.

Keep Reading Show less
Donna Goodison

Donna Goodison (@dgoodison) is Protocol's senior reporter focusing on enterprise infrastructure technology, from the 'Big 3' cloud computing providers to data centers. She previously covered the public cloud at CRN after 15 years as a business reporter for the Boston Herald. Based in Massachusetts, she also has worked as a Boston Globe freelancer, business reporter at the Boston Business Journal and real estate reporter at Banker & Tradesman after toiling at weekly newspapers.

Sponsored Content

Great products are built on strong patents

Experts say robust intellectual property protection is essential to ensure the long-term R&D required to innovate and maintain America's technology leadership.

Every great tech product that you rely on each day, from the smartphone in your pocket to your music streaming service and navigational system in the car, shares one important thing: part of its innovative design is protected by intellectual property (IP) laws.

From 5G to artificial intelligence, IP protection offers a powerful incentive for researchers to create ground-breaking products, and governmental leaders say its protection is an essential part of maintaining US technology leadership. To quote Secretary of Commerce Gina Raimondo: "intellectual property protection is vital for American innovation and entrepreneurship.”

Keep Reading Show less
James Daly
James Daly has a deep knowledge of creating brand voice identity, including understanding various audiences and targeting messaging accordingly. He enjoys commissioning, editing, writing, and business development, particularly in launching new ventures and building passionate audiences. Daly has led teams large and small to multiple awards and quantifiable success through a strategy built on teamwork, passion, fact-checking, intelligence, analytics, and audience growth while meeting budget goals and production deadlines in fast-paced environments. Daly is the Editorial Director of 2030 Media and a contributor at Wired.
Enterprise

UiPath had a rocky few years. Rob Enslin wants to turn it around.

Protocol caught up with Enslin, named earlier this year as UiPath’s co-CEO, to discuss why he left Google Cloud, the untapped potential of robotic-process automation, and how he plans to lead alongside founder Daniel Dines.

Rob Enslin, UiPath's co-CEO, chats with Protocol about the company's future.

Photo: UiPath

UiPath has had a shaky history.

The company, which helps companies automate business processes, went public in 2021 at a valuation of more than $30 billion, but now the company’s market capitalization is only around $7 billion. To add insult to injury, UiPath laid off 5% of its staff in June and then lowered its full-year guidance for fiscal year 2023 just months later, tanking its stock by 15%.

Keep Reading Show less
Aisha Counts

Aisha Counts (@aishacounts) is a reporter at Protocol covering enterprise software. Formerly, she was a management consultant for EY. She's based in Los Angeles and can be reached at acounts@protocol.com.

Workplace

Figma CPO: We can do more with Adobe

Yuhki Yamashita thinks Figma might tackle video or 3D objects someday.

Figman CPO Yuhki Yamashita told Protocol about Adobe's acquisition of the company.

Photo: Figma

Figma CPO Yuhki Yamashita’s first design gig was at The Harvard Crimson, waiting for writers to file their stories so he could lay them out in Adobe InDesign. Given his interest in computer science, pursuing UX design became the clear move. He worked on Outlook at Microsoft, YouTube at Google, and user experience at Uber, where he was a very early user of Figma. In 2019, he became a VP of product at Figma; this past June, he became CPO.

“Design has been really near and dear to my heart, which is why when this opportunity came along to join Figma and rethink design, it was such an obvious opportunity,” Yamashita said.

Keep Reading Show less
Lizzy Lawrence

Lizzy Lawrence ( @LizzyLaw_) is a reporter at Protocol, covering tools and productivity in the workplace. She's a recent graduate of the University of Michigan, where she studied sociology and international studies. She served as editor in chief of The Michigan Daily, her school's independent newspaper. She's based in D.C., and can be reached at llawrence@protocol.com.

Climate

Microsoft lays out its climate advocacy goals

The tech giant has staked out exactly what kind of policies it will support to decarbonize the world and clean up the grid.

Microsoft published two briefs explaining what new climate policies it will advocate for.

Photo by Jeremy Bezanger on Unsplash

The tech industry has no shortage of climate goals, but they’ll be very hard to achieve without the help of sound public policy.

Microsoft published two new briefs on Sept. 22 explaining what policies it will advocate for in the realm of reducing carbon and cleaning up the grid. With policymakers in the U.S. and around the world beginning to weigh more stringent climate policies (or in the U.S.’s case, any serious climate policies at all), the briefs will offer a measuring stick for whether Microsoft is living up to its ideals.

Keep Reading Show less
Brian Kahn

Brian ( @blkahn) is Protocol's climate editor. Previously, he was the managing editor and founding senior writer at Earther, Gizmodo's climate site, where he covered everything from the weather to Big Oil's influence on politics. He also reported for Climate Central and the Wall Street Journal. In the even more distant past, he led sleigh rides to visit a herd of 7,000 elk and boat tours on the deepest lake in the U.S.

Latest Stories
Bulletins