Prior to the removal of its old Messages feature in May, Twitch enabled streamers to download archives of their messages before they were nuked into nothingness. As reported by Polygon, it didn't go quite as planned, and some messages ended up going to the wrong people.
"Due to a bug in the code that generated the message archive files, which has since been fixed, a small percentage of user messages were included in the wrong archives," Twitch said in a statement.
"The primary use case for Messages was promotion; streamers sending out mass communication to subscribers for example, and the majority of messages that were unintentionally provided to another user fall into that category. We have notified users via email and provided them the affected messages for review. Protecting our users’ privacy is important to us and we have taken actions to ensure this kind of error does not happen in the future."
As far as security breaches go it sounds fairly minor at first: passwords weren't revealed, credit card information wasn't stolen, and people who ended up with private messages intended for other people weren't trying to dig them up for nefarious purposes and so will hopefully either delete them or pass them along to their intended recipients. But it seems certain that some personal information did end up being exposed.
One of my messages was from a user to me who won a giveaway. Their full name and address is listed with their username. I wonder how many other people got this?August 17, 2018
Twitch didn't say how many messages were misdirected, or how many streamers were affected, but it set up a portal that will tell you if your private comms were among them.
