Connect with us

Industry

Meghan Rienks’ Channel Hack Highlights YouTube Support Issues

Published

on

  • For two months, YouTuber Meghan Rienks has been struggling to get YouTube Support’s help to recover her hacked vlog channel.
  • After several confusing email exchanges with the company that presented her with no real solutions, Reinks said she only began to see more helpful and rapid responses when Shane Dawson and Gigi Hadid spoke up or offered their own connections.
  • Rienks said she spoke on the phone with YouTube on Wednesday and learned she may not be able to get her videos back. She also said that she worries about smaller creators who are left with even fewer options when they have issues with their channels.

Rienks Battles with YouTube After Hack

After months of battling with YouTube to regain access to her hacked channel, YouTuber Meghan Rienks said that a call with the company revealed that she may not be able to get her videos back.

On Tuesday, she confirmed via Twitter that YouTube agreed to talk over the phone. The sudden help from the platform came just one day after she posted a 45-minute video detailing the company’s disappointing response to her vlog channel being hacked in January. That call, however, did not go in the direction she was hoping.

She posted on Twitter that the call “wasn’t great.” On a Wednesday night Instagram story, she told her followers that she would likely lose the content she had on the channel, some of which is a decade old.

Her problems with YouTube’s support stem back even further than this phone call. Rienks’ Monday video starts with her explaining that in October, she realized her main channel was not appearing online for viewers, despite it looking fine from her end while logged in. Solving this with YouTube took roughly two weeks. During that time, they had back and forths where they told her nothing was wrong with her channel. 

The company eventually realized they had been looking into her vlog channel instead and had also sent her the wrong link to solve her main channel issues. During this time, she did notice a suspicious upload on her vlog channel but kept that on the back burner so she could focus on her main channel. 

Her vlog channel came back to the forefront on January 2, when Rienks realized it had been fully hacked and rebranded. Her videos were gone, and even though the channel still had her URL, it was now called “Beauty Dior” and has new logos and images.

The page was now full of several newly posted videos, all of which appeared to be re-uploads of beauty tutorials which she suspects are also stolen. On top of that, the email she had associated with the channel was deleted, preventing her from recovering it and regaining control of the account.

Exchanges With YouTube Continue For Two Months

Rienks reached out to YouTube the following morning, thinking this would be an easy fix seeing as the hacking was very obvious. Instead, it led to a series of seemingly empty-worded exchanges between YouTube, Rienks, her manager, and others on her team. In some emails sent from YouTube, Rienks was not even included and had to be kept in the loop via her manager.

In one, the YouTuber support person addresses the email to “Alex.” However, no one involved in these communications is named Alex, or even a name remotely similar to Alex. Rienks stated multiple times that she felt she was not in contact with a real person. 

Substantial news did not come from YouTube until February 22, when YouTube told Meghan they found no signs of abnormal activity on the channel. When she followed up, emphasizing that the channel had been fully rebranded, they maintained their findings in a grammatically messy email. 

“Hi there, thanks for your reply. I understand why you’re wondering that the investigation resulted that no highjacking activity happened on the channel,” they wrote. “However, I can assure you that our internal team carefully investigated this and didn’t found any.” 

They advised that she increase her password and account security, a measure she had actively been taking on all of her channels and social media accounts since the original incident in October.

Rienks Takes to Twitter

The next morning, she emailed them at 9 AM to request a phone call so she could guarantee swift, immediate contact with a real person. She also hopped on Twitter to express her frustrations.

At around the same time she sent her email, she shared YouTube’s response alongside proof that her account had been clearly hacked on Twitter. She also said she had seen a substantial loss in subscribers on the channel since January. 

While those posts gained a decent amount of traction when she uploaded them, they blew up when YouTuber Shane Dawson shared one a little after 2 p.m. Dawson mentioned several YouTube Twitter accounts in his message, which included a plea for help.

Just 45 minutes after Shane sent his tweet out, Rienks saw action from YouTube. She received an email saying that phone support was not an option, but her case was now being marked high priority. She also began direct messaging Team YouTube, which led to more confusing back and forths.

After initially claiming that YouTube had looked into her main channel instead of her vlog, an excuse similar to one give during the first situation in October, Team YouTube they were “not sure why [internal teams] came to that conclusion” that there was no abnormal activity on her vlog. They assured Rienks that she had been in contact with real people at YouTube, and apologized for the delay in solving her problem.

“I am sorry you had to take to twitter to get more help with this,” one of the messages read. “That shouldn’t be the case at all.”

Around the same time, another well-known face slid into Rienks’ DMs –supermodel Gigi Hadid. Hadid, who is a follower of Reinks, told her that she was sorry about her situation, and had a friend at YouTube who could be able to help. 

“This is the only time that I’m getting help,” Rienks said frustratedly in her video. “Is when Shane Dawson and Gigi Hadid help me. Thanks guys.”

On this day, Beauty Dior was still posting content on her channel. She also noted she saw that the account was being sold on a site for $500.

Rienks’ Frustrations with YouTube

While Rienks was recording her video, she got an update from YouTube. 

“The email YouTube just sent is that I can have my channel transferred over to me, I just have to agree to not sue them,” Rienks explained. “And also, I can’t have any of the videos that were privated. Which is all of them.” 

She spoke to her attorney about the email, who said that nothing in their message to her contained a legal document or legally binding clauses. 

“This is a failed system and it’s not working,” she said, explaining her overall anger about YouTube’s response. “And also through all of this I found, if it’s not working for me, it is not working for so many creators who have much smaller channels.” 

In the description of the video, she further expressed that while she wants her channel back, she also wants larger-scale change at YouTube. 

I want a meeting at Youtube. With REAL HUMANS. With the ‘people’ who run the support team & *personally* investigate hijacked channels,” she wrote. “Because it is a broken system and it needs to be changed. I know this is a long shot, but this has been happening for far too long, to far too many creators.”

“There’s no way that Youtube has coded & built software to pickup on less than 10 seconds of skewed pitch copyrighted song, yet they’re still unable to accurately verify a compromised channel,” she added. “This needs to change.”

When heading to Rienks’ vlog channel today, viewers can still find it as Beauty Dior.

Update: This article was updated from its original form to include new information about Rienks’ phone call with YouTube.

Industry

Hackers Hit Twitch Again, This Time Replacing Backgrounds With Image of Jeff Bezos

Published

on

The hack appears to be a form of trolling, though it’s possible that the infiltrators were able to uncover a security flaw while reviewing Twitch’s newly-leaked source code.


Bezos Prank

Hackers targeted Twitch for a second time this week, but rather than leaking sensitive information, the infiltrators chose to deface the platform on Friday by swapping multiple background images with a photo of former Amazon CEO Jeff Bezos. 

According to those who saw the replaced images firsthand, the hack appears to have mostly — and possibly only — affected game directory headers. Though the incident appears to be nothing more than a surface-level prank, as Amazon owns Twitch, it could potentially signal greater security flaws. 

For example, it’s possible the hackers could have used leaked internal security data from earlier this week to discover a network vulnerability and sneak into the platform. 

The latest jab at the platforms came after Twitch assured its users it has seen “no indication” that their login credentials were stolen during the first hack. Still, concerns have remained regarding the potential for others to now spot cracks in Twitch’s security systems.

It’s also possible the Bezos hack resulted from what’s known as “cache poisoning,” which, in this case, would refer to a more limited form of hacking that allowed the infiltrators to manipulate similar images all at once. If true, the hackers likely would not have been able to access Twitch’s back end. 

The photo changes only lasted several hours before being returned to their previous conditions. 

First Twitch Hack 

Despite suspicions and concerns, it’s unclear whether the Bezos hack is related to the major leak of Twitch’s internal data that was posted to 4chan on Wednesday.

That leak exposed Twitch’s full source code — including its security tools — as well as data on how much Twitch has individually paid every single streamer on the platform since August 2019. 

It also revealed Amazon’s at least partially developed plans for a cloud-based gaming library, codenamed Vapor, which would directly compete with the massively popular library known as Steam.

Even though Twitch has said its login credentials appear to be secure, it announced Thursday that it has reset all stream keys “out of an abundance of caution.” Users are still being urged to change their passwords and update or implement two-factor authentication if they haven’t already. 

See what others are saying: (The Verge) (Forbes) (CNET)

Continue Reading

Industry

Twitch Blames Server Configuration Error for Hack, Says There’s No Indication That Login Info Leaked

Published

on

The platform also said full credit card numbers were not reaped by hackers, as that data is stored externally. 


Login and Credit Card Info Secure

Twitch released a security update late Wednesday claiming it had seen “no indication” that users’ login credentials were stolen by hackers who leaked the entire platform’s source code earlier in the day.

“Full credit card numbers are not stored by Twitch, so full credit card numbers were not exposed,” the company added in its announcement.

The leaked data, uploaded to 4chan, includes code related to the platform’s security tools, as well as exact totals of how much it has individually paid every single streamer on the platform since August 2019. 

Early Thursday, Twitch also announced that it has now reset all stream keys “out of an abundance of caution.” Streamers looking for their new keys can visit a dashboard set up by the platform, though users may need to manually update their software with the new key before being able to stream again depending on what kind of software they use.

As far as what led to the hackers being able to steal the data, Twitch blamed an error in a “server configuration change that was subsequently accessed by a malicious third party,” confirming that the leak was not the work of a current employee who used internal tools. 

Will Users Go to Other Streaming Platforms?

While no major creators have said they are leaving Twitch for a different streaming platform because of the hack, many small users have either announced their intention to leave Twitch or have said they are considering such a move. 

It’s unclear if the leak, coupled with other ongoing Twitch controversies, will ultimately lead to a significant user exodus, but there’s little doubt that other platforms are ready and willing to leverage this hack in the hopes of attracting new users. 

At least one big-name streamer has already done as much, even if largely only presenting the idea as a playful jab rather than with serious intention. 

“Pretty crazy day today,” YouTube’s Valkyrae said on a stream Wednesday while referencing a tweet she wrote earlier the day.

“YouTube is looking to sign more streamers,” that tweet reads. 

I mean, they are! … No shade to Twitch… Ah! Well…” Valkyrae said on stream before interrupting herself to note that she was not being paid by YouTube to make her comments. 

See what others are saying: (Engadget) (BBC) (Gamerant)

Continue Reading

Industry

The Entirety of Twitch Has Been Leaked Online, Including How Much Top Creators Earn

Published

on

The data dump, which could be useful for some of Twitch’s biggest competitors, could signify one of the most encompassing platform leaks ever.


Massive Collection of Data Leaked 

Twitch’s full source code was uploaded to 4chan Wednesday morning after it was obtained by hackers.

Among the 125 GB of stolen data is information revealing that Amazon, which owns Twitch, has at least partially developed plans for a cloud-based gaming library. That library, codenamed Vapor, would directly compete with the massively popular library known as Steam.

With Amazon being the all-encompassing giant that it is, it’s not too surprising that it would try to develop a Steam rival, but it’s eyecatching news nonetheless considering how much the release of Vapor could shake up the market.

The leaked data also showcased exactly how much Twitch has paid its creators, including the platform’s top accounts, such as the group CriticalRole, as well as steamers xQcOW, Tfue, Ludwig, Moistcr1tikal, Shroud, HasanAbi, Sykkuno, Pokimane, Ninja, and Amouranth.

These figures only represent payouts directly from Twitch. Each creator mentioned has made additional money through donations, sponsorships, and other off-platform ventures. Sill, the information could be massively useful for competitors like YouTube Gaming, which is shelling out big bucks to ink deals with creators. 

Data related to Twitch’s internal security tools, as well as code related to software development kits and its use of Amazon Web Services, was also released with the hack. In fact, so much data was made public that it could constitute one of the most encompassing platform dumps ever.

Creators Respond

Streamer CDawgVA, who has just under 500,000 subscribers on Twitch, tweeted about the severity of the data breach on Wednesday.

“I feel like calling what Twitch just experienced as “leak” is similar to me shitting myself in public and trying to call it a minor inconvenience,” he wrote. “It really doesn’t do the situation justice.”

Despite that, many of the platform’s top streamers have been quite casual about the situation.

“Hey, @twitch EXPLAIN?”xQc tweeted. Amouranth replied with a laughing emoji and the text, “This is our version of the Pandora papers.” 

Meanwhile, Pokimane tweeted, “at least people can’t over-exaggerate me ‘making millions a month off my viewers’ anymore.”

Others, such as Moistcr1tikal and HasanAbi argued that their Twitch earning are already public information given that they can be easily determined with simple calculations. 

Could More Data Come Out?

This may not be the end of the leak, which was labeled as “part one.” If true, there’s no reason to think that the leakers wouldn’t publish a part two. 

For example, they don’t seem to be too fond of Twitch and said they hope this data dump “foster[s] more disruption and competition in the online video streaming space.”

They added that the platform is a “disgusting toxic cesspool” and included the hashtag #DoBetterTwitch, which has been used in recent weeks to drive boycotts against the platform as smaller creators protest the ease at which trolls can use bots to spam their chats with racist, sexist, and homophobic messages.

Still, this leak does appear to lack one notable set of data: password and address information of Twitch users.

That doesn’t necessarily mean the leakers don’t have it. It could just mean they are only currently interested in sharing Twitch’s big secrets. 

Regardless, Twitch users and creators are being strongly urged to change their passwords as soon as possible and enable two-factor authentication.

See what others are saying: (The Verge) (Video Games Chronicle) (Kotaku)

Continue Reading