Harassment

Popular streaming platform Twitch confirmed on Twitter that it suffered a data breach.

The Amazon-owned service says its “teams are working with urgency to understand the extent of this.”

We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.

— Twitch (@Twitch) October 6, 2021

Hackers accessed Twitch’s source code and published over 125GB of data online from Twitch and related services.

The data includes the source code for Twitch and an unreleased Steam competitor from Twitch’s parent company, Amazon. The leaked information also included three years’ worth of payouts to Twitch creators. Further, the massive leak was labelled ‘part one,’ suggesting more data could come in the future.

The person who posted the leak claims it’s meant to “foster more disruption and competition in the online video streaming space” and called the Twitch community “a disgusting toxic cesspool.”

It’s worth noting that Twitch has recently struggled to deal with ‘hate raids.’ Creators took a day off last month to protest and bring attention to the increased harassment and hate raids plaguing the platform. Considering the comment about Twitch’s community, it’s possible the attack could be related to the ongoing harassment issue.

Although the leak doesn’t appear to include passwords or address information for users, that doesn’t mean hackers didn’t obtain that information in the breach. If you use Twitch, you should probably update your password and add two-factor authentication (2FA).

The leak includes the following information:

Three years of Twitch creator payouts
The entirety of twitch.tv, including “commit history going back to its early beginnings”
Source code for the mobile, desktop and video game console Twitch clients
Code from proprietary SDKs and internal Amazon Web Services (AWS) used by Twitch
An unreleased Steam competitor from Amazon Game Studios
Data on related Twitch properties like IGDB and CurseForge
Twitch’s internal security tools

Ultimately, it appears hackers targeted Twitch and its system rather than users. But again, this is also allegedly the first part of a larger leak. It also remains unclear how hackers gained access to so much Twitch data and whether they exploited a larger flaw in AWS. If so, that could pose significant problems since AWS powers such a larger amount of the internet.

Source: Twitch Via: The Verge, Engadget

Apple fired senior engineering program manager Ashley Gjøvik, alleging she violated the company’s rules against leaking confidential information.

However, the firing comes after Gjøvik spent months tweeting about allegations of harassment, surveillance and workplace safety. Gjøvik says she began raising concerns in March 2021 and faced “retaliation and intimidation” from Apple.

“I’m disappointed that a company I have loved since I was a little girl would treat their employees this way,” Gjøvik told The Verge.

Gjøvik started by raising concerns about her office, located in an Apple building on a superfund site. That means it requires special oversight due to historical waste contamination. When Gjøvik raised those safety concerns, she said she faced harassment and bullying from her manager and other team members.

Recently, Gjøvik began raising concerns about Apple’s policies on how it can search and surveil employees’ work phones. That included an accusation that Apple previously forced her to hand over all her text messages, including “fully personal” items such as nude pictures. Gjøvik said that Apple stored those pictures in its “permanent evidence locker.”

Apple placed Gjøvik on administrative leave in early August while it investigated her concerns. Gjøvik says she requested leave only as a last resort.

The saga culminated on September 9th when a member of Apple’s employee relations team reached out to Gjøvik. The team member was looking into a sensitive intellectual property matter, according to The Verge, and wanted to speak with Gjøvik within the hour.

Gjøvik said she wanted to keep all communications in writing and noted she was forwarding the correspondence to the National Labor Relations Board (NLRB). Gjøvik had recently filed a charge with the NLRB, citing harassment by a manager, reduced responsibilities and increased unfavourable work.

However, Apple’s employee relations team responded, saying that because Gjøvik had chosen not to participate in the discussion, they would move forward with the information they had. Further, Gjøvik’s access to Apple systems was suspended “given the seriousness of these allegations.”

Within hours, Gjøvik received an email informing her that Apple had terminated her employment.

Those curious can read through the entire saga on Gjøvik’s website, where she has extensively documented emails and communications with Apple alongside her own tweets about what was going on.

Apple, however, maintains that it takes concerns seriously, telling The Verge in a statement:

“We are and have always been deeply committed to creating and maintaining a positive and inclusive workplace. We take all concerns seriously and we thoroughly investigate whenever a concern is raised and, out of respect for the privacy of any individuals involved, we do not discuss specific employee matters.”

Source: Ashley Gjøvik Via: The Verge