DataBreaches.Net

XSplit Password Reset Alert – Protecting Your Twitch Account

Posted on by Dissent

The following was posted yesterday on Twitch:

Attention Broadcasters:

If you are currently or have in the past used XSplit to stream to Twitch, please read this carefully.

It has come to our attention that various data on XSplit’s servers have been compromised. In particular, your XSplit credentials (account name and password), as well as your Twitch account name and stream key may have been exposed. Such exposure might allow an external party to broadcast to your Twitch channel.

Please see this XSplit announcement for more details.

We want to reassure you that no Twitch data was compromised directly through Twitch. If you use a universal password across multiple sites, however, this may allow compromise of your Twitch account and other accounts.

To protect your Twitch account, we recommend that you reset the stream key on your Twitch channel.

In addition, if you have shared your password between your XSplit and Twitch account, we also advise you to:

  • Change the password on your Twitch account.
  • Change the passwords of any other accounts which you shared this password with.

Just a reminder, we encourage all users of the Twitch service to follow best practices for security when creating and managing passwords on your account. These include:

  • Never sharing your password with another account.
  • Creating a strong password that can’t be easily guessed or attacked via brute force. Test your new password by using this tool.

Using a password manager such as 1Password or LastPass.

The related announcement says:

XSplit Password Reset Alert
Date Posted: 07 NOV 2013

For the security of all our users we’re issuing a system wide password reset request, due to reports of suspicious activity.

We believe that various data on XSplit’s servers may have been compromised; In particular, your XSplit account name and password, as well as account name and stream key for live streaming services that you have used.

We are currently in the process of setting up a password reset page. Once it is live, users will be able to reset their password by entering their username. This will then send an email to users’ email inbox, allowing them to reset their password.

*We will update this blog post with a link to the password reset page, as soon as it goes live*

  • We want to reassure you that NO paypal or credit card payment information is stored with XSplit account data.
  • We encourage you to update your password(s) across any other sites where you use the same or similar password(s)

We thank you for your patience and understanding.

– The XSplit Team