Twitch's huge leak consisting of more than 100GB of source code and payment data came as a surprise to everyone this week, including the company itself. The Amazon subsidiary has since started investigating and is looking into the security implications of the incident. Thankfully, the company hasn't found evidence that any login data has been leaked so far, but out of an abundance of caution, all stream keys have been reset.

Twitch shares that the leak was caused by “an error in a Twitch server configuration change that was subsequently accessed by a malicious third party,” with its teams still working to investigate the incident. From what the company has learned, it doesn’t look like passwords have been exposed, though: “At this time, we have no indication that login credentials have been exposed.”

Since this wording isn’t exactly confidence-inspiring, we still highly encourage you to change your Twitch password and activate two-factor authentication, just in case. On the bright side, Twitch can rule out that any credit card numbers have been compromised, as it doesn’t store these on its own servers at all.

Twitch has additionally shared that “out of an abundance of caution, we have reset all stream keys.” Streamers can request new codes under ​​https://dashboard.twitch.tv/settings/stream. If you use Twitch Studio, Streamlabs, Xbox, PlayStation, or the Twitch app for streaming, you don’t need to take any additional steps to get the new codes working. OBS users that don’t have their account connected to Twitch will have to manually update the key. For any other software, you’ll have to refer to its own documentation.

It will likely take Twitch some time to process all the leaked data, and the full implications of the incident are yet to be determined. We can only encourage Twitch users to change their passwords just in case.