The live streaming platform Twitch warning users that a glitch may have exposed some of their private messages to other users.
The company sent out the notifications to some broadcasters informing them that a software bug could have changed access permissions to older messages allowing other users to download them and read them.
The flaw affected recently removed a feature dubbed Messages that have exposed some the messages.
“I reached out to Twitch for a comment, and a company spokesperson says that it has fixed the bug. It also explained that most of the exposed messages were promotional announcements that went out to everyone who subscribes to certain channels. But it’s possible that this also affected private communications featuring more sensitive information as well.” reported VentureBeat.
“In May, we removed a legacy feature called Messages and provided users the ability to download an archive of past messages. Due to a bug in the code that generated the message archive files, which has since been fixed, a small percentage of user messages were included in the wrong archives.” reads the statement from Twitch’s spokesperson.
“The primary use case for Messages was promotion; streamers sending out mass communication to subscribers for example, and the majority of messages that were unintentionally provided to another user fall into that category. We have notified users via email and provided them the affected messages for review. Protecting our users’ privacy is important to us and we have taken actions to ensure this kind of error does not happen in the future.”
According to Twitch, the bug only affected the Messages feature, and there were no private messages sent via the Twitch Whisper systems included in these archives.
Twitch users can discover if their messages were accidentally exposed by visiting the website twitch.tv/messages/archive.
Searching on Twitter it is possible to find messages of Twitter users that found messages in their archive belonging to other users.
Anyway, Twitch sent a warning message to all affected users.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – data leak, privacy)
[adrotate banner=”5″]
[adrotate banner=”13″]
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of…
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can…
This website uses cookies.