On October 10, 2013 a company called XSplit, which produces gaming live streaming and re-coding software, has announced on their website that they became aware of “rumors” that their database may have fallen victim to a cyber intrusion. At the time of posting the alert, the company stated they were in the process of investigating user reports and were still uncertain that a breach had actually occurred.
XSplit went on to say how seriously they are taking the possibility of the rumors and that they have been trying to make contact with users who had directly reached out to XSplit with questions and who were seeking details about the possible cyber breach. The gaming software provider stated they had no evidence so far to require email or password changes, but provided its users with links for people who had more questions or thought that their account had been attacked or for those who wished to change their password or email address voluntarily.
In closing the company said it regretted the inconvenience to its users, promised to keep a robust investigation going into the incident and keep its users updated on the progress going forward.
On October 14, 2013 XSplit updated their blog page to inform users of the latest details. XSplit said the company had received “helpful” data from users that included screenshots of a compromised user’s account, but that the data did not come from XSplit’s cloud systems.
The company said the following:
Update: Oct 14 2013, 10.46 pm UTC+8
We’ve received data from helpful users showing screenshots of a compromised user. While there’s XSplit data in the picture, that data does not come from our cloud systems, but are from a local file found on the user’s hard drive. We believe the hacker got access through yet undetermined means, and from there started collected account info throughout the computer. There’s no evidence that XSplit was used to gain access to the computer, everything points to a previous breach which could have been done through any type of malware.
On November 7, 2013, XSplit announced a system wide password reset alert. The company stated that the cyber attack had prompted XSplit to institute a system wide password reset in an attempt to protect its users because of reports of suspicious activity the company had learned of.
In its statement, XSplit stated they believed that hackers had infiltrated its server systems and that XSplit user names, account names, hashed passwords and stream key may have been stolen for the live streaming services the company has provided for its users. There was not much in the statement as to what had occurred at XSplit to cause the hackers to gain access, but the company did make it a point to reassure users that no financial, PayPal, debit or credit card information is stored in XSplit account data.
The reset alert asked its users to reset their passwords immediately. In closing its statement, XSplit again apologized to its customers and asked for their patience and understanding while they continue to do everything possible to rectify the matter.
Additional Resources About This Breach: