[Security Weekly] Twitch’s Entire Source Code Leaked By Hackers
October 2021, Issue II
1. Twitch’s entire source code and business data leaked online by hackers
Twitch, one of the largest video game live streaming platforms in the world, suffered a massive data breach where a hacker posted its entire source code from over 6,000 internal Git repositories online. A subsidiary of Amazon, Twitch has 15 million daily users and over 3 million content creators.
The source code dating back to the founding of the company, including red team tools and threat models, was posted online for free as a torrent link on October 6. This opens up the company’s weaknesses to the entire world of hackers. The 128 GB file also included other business data such as creator payout information and software development kits.
The hacker claimed this was retaliation for Twitch’s neglect of a long-running problem: the comment sections of certain minor creators have been filled with verbal abuse and personal attacks. Back in August, the company acknowledged the issue and promised to address it.
After weeks of investigations, Twitch confirmed that user credentials and payment card information were not compromised in the attack.
Sources: Bleeping Computer, The Verge, The Guardian
2. Acer customer data stolen after hackers breach customer service center
Six months after Acer suffered one of the most expensive ransomware attacks back in March, the computer giant went through yet another serious cyberattack in mid-October, affecting both its customer service center in India and headquarters in Taiwan.
The hackers, who call themselves Desorden, claimed to have stolen 60 GB of data from the customer service center and posted a sample with screenshots online. According to the hackers, the stolen data included the personal information of millions of customers, along with corporate financial data and the login credentials of over 3,000 retailers and distributors.
A week later, Acer reported that its servers in Taiwan were also impacted by the attack, in which sensitive employee data and product information were compromised.
To prevent further attacks, the computer giant must update its cybersecurity measures to protect vulnerable servers from being exploited.
Sources: Infosecurity, Taiwan News
3. US TV stations experience service outage following cyberattack at Sinclair
Sinclair Broadcast Group, the second-largest TV station operator in the United States, confirmed a ransomware incident that led to a widespread service outage and data breach. The Fortune 500 conglomerate operates 185 TV stations with 620 channels across the US.
Sinclair first detected a network intrusion on October 16 and later confirmed it to be a ransomware attack. The attack impacted the company’s servers, email and phone services, as well as the broadcasting systems at its TV stations. As a result, many channels were unable to broadcast live morning news and NFL games. Commercials were also disrupted.
The company also confirmed that data on its servers was stolen by the ransomware operators. It is currently investigating whether personal information was compromised.
This is the second data breach Sinclair has experienced this year. During the previous incident in July, the company asked all TV stations to change their passwords.
Sources: Threatpost, CNN
4. Brazilian e-commerce giant Hariexpress leaks 1.75 billion sensitive records
Hariexpress, a Brazilian e-commerce solutions provider, reportedly leaked over 1.75 billion sensitive files from a misconfigured and unencrypted ElasticSearch database. The company provides solutions to a number of large online shopping platforms including Amazon.
The misconfigured database was first discovered in July 2021, with over 610 GB of data exposed. The leaked data contained sensitive personal information such as full names, home and business addresses, email addresses, and social security numbers. All purchase details, including product, price, time, and invoice, were also exposed.
Security misconfiguration is the fifth-most critical web vulnerability as outlined by the 2021 OWASP Top 10. To prevent such failures, organizations should periodically review system configurations, especially after new updates are installed.
Sources: ZDNet, Infosecurity