SkipToMainContent

How To

Was your Twitch account hacked? Top prevention steps

November 19, 2021

Gaming has grown ever so popular over the last couple of years – from being a somewhat nerdy niche to becoming a mainstream phenomenon. As of last year, the gaming industry has even surpassed movies in terms of revenue

One of the best things about being a gamer though, is that it has never been easier to share your hobby with others. Platforms like Twitch.tv offer gamers everything: the opportunity to watch others stream their favourite games, to build a community of their own, and – if they are successful enough – to earn money doing so.

But just like everything that involves a huge userbase and money, Twitch is just as tempting for cybercriminals as it is for gamers. Luckily it is often rather easy to figure out if your account might have been compromised, just watch out for the signs below.

3 signs that your Twitch account might be hacked 

1. Unusual activities

Your account doesn’t look the same as when you last logged in? Your settings have changed without your doing so? You receive whispers from people you don’t know? You follow people you’ve never heard of before and receive notifications from creators you don’t follow?  Something might be amiss, as these are all indicators that someone has fiddled with your account and gained unauthorized access.

2. Prime account sub is gone

If you have an Amazon Prime account and linked it to your Twitch account, one of the benefits is that you can give your favourite creator a sub each month – for free. This of course is great, as you can support him or her and at the same time receive the channel benefits, like emotes and an ad-free streaming experience.

Now, if you notice that you can’t give your sub away anymore, even though you should be able to, you definitely need to investigate:

  • Go to the Twitch website and click on your profile image at the top right corner of the page.
  • Choose subscriptions.
  • The upcoming page should show you whom you currently are subscribed to. If you see anything out of the ordinary, like some creator you’ve never heard of before, your account is most likely compromised. 

3. You receive purchase notices for things you’ve never bought

If all of a sudden you receive emails stating that you’ve purchased a huge number o bits or subs, you need to take action ASAP since your account was definitely compromised. This is basically a worst case scenario, as the amount of money spent often goes into the hundreds or thousands.

If this has ever happened to you, make sure to contact Twitch immediately. Their team is more than happy to help and will investigate your claim. 

What to do if your Twitch account gets hacked 

The good thing, is that there are a couple of things you can and should do, once you notice an account breach: 

1. Regain access to your Twitch account

This is one of the worst case scenarios for every user: you’ve lost access to your account. Luckily for you there are several ways in which you can regain access to your Twitch account. The easiest one would be to simply reset your password. To do so you can use the Twitch Account Recovery service which lets you enter either your email address or phone number to verify that you are really the rightful account holder. Just go to the page and follow the steps provided by Twitch. 

It gets a bit more complicated if the cybercriminal managed to not only change your password but also some of your other account details, like your email address and/or phone number. If that’s the case, the automated account recovery might not work for you.

Nonetheless you can still regain access to your account by contacting Twitch customer support:

1. Fill in your account information including your name, username, and the email address that is (or was) associated with the account.

2. Make sure to choose the following categories:

    a. "Account/ Login issues”

    b. Logging in

    c. My account has been hacked or stolen

3. Scroll down and enter a helpful subject and text

This should allow the customer service team to help you out and give you back your Twitch account. 

2. Change your Twitch password

If you still have access to your account, then changing your password is the first thing you should do. In case you don’t know where to find the settings, just follow these instructions:

  1. Go to the Twitch website and click on your profile image (as mentioned before, you should be able to find it at the top right-hand corner of the page).
  2. Locate and choose the “Settings“ option.
  3. Navigate to the “Security and Privacy” tab. That’s where you will find options like changing your password, enabling Two-Factor Authentication, and more. Scroll down until you see “Security” and change your password with the “Change Password” option.
  4. The next step would be to enter your old compromised password and to choose and confirm a new one. 

3. Remove your Twitch payment options 

No matter how your account was compromised, it’s never a bad idea to change or remove your payment information as they may be associated with your potentially vulnerable account. This is also a no-brainer if unauthorized purchases have been made. Here’s what you need to do:

  1. Go to the Twitch website and click on your profile image (as mentioned before you should be able to find it at the top right-hand corner of the page).
  2. Locate and choose the “wallet” option.
  3. This section of Twitch will show you not only the current payment information you have saved to your account but also allows you to see your transaction history (which can help you greatly in figuring out if someone has fiddled with your account – so always keep an eye on it).
  4. Scroll down until you see “Saved Payment Methods”. Here you can choose the “Delete” option in order to remove any credit cards or other payment information that is currently linked to your Twitch account. 

4. Reset your Twitch Stream Key

If you are a streamer on Twitch, you probably know what a Stream Key is - an ID number which allows you to link your Twitch account to broadcasting software such as OBS. Even though the key should not allow cybercriminals to get any personal information from your account, it’s always a good idea to reset it, if you fear that your Twitch account was compromised. This can be achieved as following:

  1. Go to the Twitch website and click on your profile image (as mentioned before you should be able to
    find it at the top right-hand corner of the page).
  2. Locate and choose the “Creator Dashboard” option.
    From the Creator Dashboard you will see a menu to your right. Select the option “Settings” and click on
    “Stream”.
  3. In the “Stream Key & Preferences” section you should be able to see a menu called “Primary
    Steam Key.” Click on the “Reset” button next to that key.
  4. The only thing left to do is to copy and paste your new Stream Key into your preferred broadcasting
    software.  

General security tips for your Twitch account

Now, there are of course a couple of general things you can do in order to better protect your Twitch account (or at least to identify if it has been hacked faster): 

  • As per recommendation by Twitch you should remove your connections. These connections allow limited access to your account from different apps. In order to secure your account completely, it is recommended you disconnect all apps under the “Other Connections” section of your Connections Settings.
  • Make sure to use a Two-Factor Authentication, even if you’re not a streamer. While it does not guarantee that your account will never get hacked, it is a great tool that will add an additional layer of security. 
  • Regularly check your Twitch transactions history for anything out of the ordinary.
  • Use Twitch gift cards for your subscriptions and bit purchases. They might not be as convenient as automated saved payment methods, but they are a lot more secure: That way cybercriminals cannot just go ahead and purchase 200 subs or 100 000 bits.  
  • Keep an eye out for any security breaches that involve Twitch, in order to keep informed and change any leaked information such as passwords, as fast and as early as possible. 
  •  


Disclaimers and references:
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

Copyright © 2022 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.