Twitch: Updates on the Twitch Security Incident

blog.twitch.tv

4 points by storgaard 4 years ago · 1 comment

westoque 4 years ago

> We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party.

How could 1 "server" change give such a high clearance to access all that was in the leak? This includes the data for the payouts including the source code for multiple projects. I still don't understand how this could happen for a company this big.

A GitHub organization for a project I worked on, for example, is segmented into teams so not 1 team can access another team's account; something this simple could have mitigated the number of repos exposed, unless maybe the root user is pwned. Also, given that they use AWS, it comes with security tools including one to scan your whole network for weaknesses/vulnerabilities and also gives recommendations on what to do to fix besides other things.

This is really a lesson for other companies to practice the "Principle of Least Privilege" as a default mindset.
