Crowd-funding platform Kickstarter over the weekend confirmed that the platform suffered a security breach last week, but reiterated that no credit card data of any kind was accessed by hackers.
Kickstarter is a funding platform for creative projects, and tries to crowdfund everything from films, games, and music to art, design, and technology. “Kickstarter is full of ambitious, innovative, and imaginative projects that are brought to life through the direct support of others,” the company explains.
The company added that they immediately took steps to minimise the impact after learning about the breach. “Law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers’ data. Upon learning this, we immediately closed the security breach and began strengthening security measures throughout the Kickstarter system,” Kickstarter CEO Yancey Strickler wrote in a blog post.
While no credit card data was accessed, some information about their customers were. “Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.”
Kickstarter therefore urged all users to immediately change their passwords to secure their accounts. “As a precaution, we strongly recommend that you create a new password for your account, and other accounts where you use this password.”
They also took the time to apologise for the security breach. “We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come.”
Charlie Fripp – Consumer Tech editor