Popular livestreaming service Twitch.tv has confirmed that a number of user accounts may have been compromised, forcing the site to reset thousands of passwords and automatically expiring stream keys on the network.

Twitch is currently requiring returning users to reset their password when logging back into the site. Twitch wrote on its official blog:

We are writing to let you know that there may have been unauthorized access to some Twitch user account information.

For your protection, we have expired passwords and stream keys and have disconnected accounts from Twitter and YouTube. As a result, you will be prompted to create a new password the next time you attempt to log into your Twitch account.

We also recommend that you change your password at any website where you use the same or a similar password. We will communicate directly with affected users with additional details.

A few moments ago, Twitch added more information to its post, addressing password security and offering advice on creating strong passwords. Twitch recommended that the best option for password security is to “use a reputable password manager with a random password generator.”

“Your password could have been captured in clear text”

For users who are specifically suspected to have had their account details compromised, Twitch has sent emails containing further information about the circumstances of the leak and the affected data.

According to Twitch (via GamesBeat), some of the information that may have been part of the breach includes “your Twitch username and associated email address, your password, the last IP address you logged in from, limited credit card information (card type, truncated card number and expiration date), and any of the following if you provided it to us: first and last name, phone number, address, and date of birth.”

On the suspected cause of the compromised data, Twitch wrote, “We believe it’s possible that your password could have been captured in clear text by malicious code when you logged into our site on March 3rd.”

News of the breach comes just one week after Twitch lost service for several hours, but the site says that the two events are unrelated.

Photo credit: System Lock via photopin (license)