Many Twitch users receiving forced password reset emails

Bradley Wint
Mar 4, 2017 2:41pm AST
Photo: Twitch

Many Twitch users received an email this morning claiming that there may have been unauthorized access to their accounts, and that their passwords would be temporarily reset.

This comes just a few hours after Twitch experienced technical difficulties in the past twenty four hours. Users reported being forced out of their accounts, with some being booted out mid-stream. They were then unable to re-login as the system claimed that their passwords were incorrect.

The self-reset function also seemed to be non-functional, as many have since not received their follow up emails (even though we did).

The email which came from email hidden; JavaScript is required advised users that their accounts may have been compromised, and they should conduct a password reset immediately. Beyond the email coming from the company’s domain, the message seems to be legitimately sent from them as no links were provided back to the website (usually included in phishing emails).

We believe that an unauthorized party may have accessed your Twitch.tv account. For your security, we have invalidated your existing sessions and we have assigned a temporary password to your account.

You will need to reset your password when you return to Twitch. To reset your password, click “Log In” at the top of any page on Twitch.tv. On the Sign In page, click the “Trouble logging in?” link to reach the Twitch.tv Password Assistance page. After you enter your username, you will receive an email containing a personalized link. Click the link from the email and follow the directions provided.

Get your daily tech burst in your inbox!

We also encourage you to enable two-factor authentication (2FA) to protect your account from unauthorized logins. 2FA requires two different methods of verification to log in to your Twitch account: your password and your mobile phone. If your password is compromised, your account will be inaccessible without the unique code sent to your phone. To learn more about Two-Step Verification, go to Twitch.tv, go to Help, and click Two Factor Authentication with Authy, located in the Getting Started section.

We are unable to say how your sign-in information was obtained since the activities used to obtain these details occur away from our websites. Some techniques used to gain unauthorized access include trying commonly-used passwords, trying credentials obtained from compromises of other services, and by using malicious software to capture a user’s keystrokes and Internet activity.

Sincerely,
Twitch

Even though they advised users to enable two-step login, it’s unclear if accounts were really compromised or not as some reddit users with 2FA enabled reported receiving the same email as well.

We have reached out to Twitch for a comment, and we will update this post accordingly.

Stay in the know

Subscribe to the Try Modern Tech Daily Digest for the latest tech news stories, deals, and how-to's in your inbox!

Founder/Executive Editor
PGP Fingerprint: EF2C 9B80 085C C837 3DA3 995D A864 F801 147F E619 | PGP Key
More From Technology

Half of U.S. population’s data exposed in huge Equifax data breach

By - Sep 8, 2017 12:39am AST
Equifax, a US-based credit reporting agency, has confirmed that sensitive consumer data belonging to over 143 million customers was compromised earlier this year. According to the official press release, hackers… Continue Reading

YouTube-MP3.org closes under legal pressure

By - Sep 6, 2017 11:42pm AST
Popular stream ripping site YouTube-MP3.org, will finally close its doors after being slammed with a legal complaints by 15 of the top global record labels. The site which allows you… Continue Reading

The next iPhone to be announced September 12th; starting at $999

By - Aug 29, 2017 6:08pm AST
Multiple sources, including the Wall Street Journal are confirming that Apple will announce its next iPhone lineup on September 12th. By line up, we mean three new iPhone models; the… Continue Reading