In a recent update that addressed the vulnerability this month, Twitch downplayed the extent of the impact of the breach, saying that only a small number of users were affected.
Twitch also revealed that no login details or full credit card / payment details of users or streamers were released during the breach.
While the data uncovered in the incident and leaked on the 4chan Imageboard is primarily intended to contain documents from the company’s source code repository and a subset of the originator’s payout data, Twitch made it comprehensively clear: “We’ve undergone a thorough review of the information included in the files exposed and are confident that it only affected a small fraction of users and the customer impact is minimal. We are contacting those who have been impacted directly. Twitch passwords have not been exposed. We are also confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank information.”
For more information, read the original story in Bleeping Computer.