Twitch Password Reset and the Danger of Password Re-Use
Page 1 of 1
If the unauthorized access, in fact, turns out to be an attack, Twitch will join a list of other gaming technologies that have been attacked in recent years. Sony's PlayStation network and Microsoft's Xbox live were both attacked during the 2014 Christmas holiday period.
Although Twitch is taking action and getting users to reset their passwords, the biggest danger actually lies outside Twitch: password reuse. Simply put, many users will reuse the same password for multiple sites. Given that accounts are usually tied to email addresses, which are also reused, it's possible that an attacker who gets a dump of email addresses and passwords could use that information to attack other sites.
The password reuse attack scenario is has played out before. In September 2014, WordPress had to reset 100,000 user passwords, after a leak of 5 million Google account passwords.