This is beginning to look like a trend.
Twitch, the hugely popular live streaming platform focusing on video games and esports, saw more than 100GB of its most private data appear online yesterday.
The data includes confidential company information, like the site's source code and technical details for products and platforms which haven't been released yet.
It also includes details of streamers' earnings – something the Amazon-owned platform had kept extremely secret, with rivals like YouTube Gaming looking to poach its top talent.
It comes on the heels of Syniverse disclosing a hacker was sitting in its systems for five years.
Not to mention a botched DNS update bringing Facebook, Instagram and Whatsapp down for seven hours on Monday.
"We can confirm a breach has taken place," tweets Twitch, promising to "update the community as soon as additional information is available."
A botched change in the configuration of a server exposed the internal data to the Internet, allowing a "malicious third party" to access it, the company added in an update yesterday evening.
The data, covering August 2019 to now, provides details about Twitch's closely guarded payout figures.
The top individual streamer, in turns out, is a Canadian named Félix Lengyel, or xQcOW, who earned $8.4 million from Twitch in the last two years.
The overall top-earning streamer is a collective called Critical Role, which made $9.6 million.
Source code was leaked too for an unreleased streaming competitor from Amazon Game Studios, to be called Vapor.
The hacker also leaked data from Twitch's internal information security team, including threat models – descriptions of the strengths and capabilities of people likely to be attacking their system.
The leak was posted anonymously on the controversial Internet forum 4chan, which did not appear on the team's list of threats.
And somewhat ominously, the leak was labelled "part one," implying there is yet more to come.
At 125 gigabytes, it may well be the largest, most comprehensive data leak in history.
The hack was more likely an opportunistic action taken when the servers became visible to the public Internet, say experts, rather than someone lurking and waiting for Twitch to make a mistake.
Still, login and full credit card details, which the site says it does not store, do not seem to have been exposed.
On the other hand, this cyber disaster will likely boost competition from alternatives, like YouTube Gaming.
Microsoft closed its Mixer service last July, after luring superstar members of Twitch's site but struggling to create its community dynamic.
Amazon purchased the site, then called Justin.tv, for $970 million in 2014, one of Amazon's first pushes into the games sector as well as one of its biggest acquisitions up to then.
The anonymous 4chan poster described Twitch as a "disgusting toxic cesspool," saying the leak was intended to "foster more disruption and competition in the online video streaming space."
But much of Twitch's attraction comes from its ability to present itself as a community based on trust and openness, where users interact with friends, not with a company.
It's a harder look to keep up after a data leak like this.
- Syniverse quietly admits it was hacked for five years
- Russia-linked cyber group hacks US government agencies
- T-Mobile admits breach after epic hacking claims
- Telefónica continues cyber shopping spree with iHackLabs
- In 2021, as you work from home hackers eye your IoT
— Padraig Belton, contributing editor, special to Light Reading