Kickstarter stressed both in a blog post on the incident and in the email that went out to project organisers and backers that hackers hadn’t accessed any credit card data. The crowdfunding site also hasn’t found any evidence of unauthorised activities on accounts.
What hackers were able to get their hands on, according to Kickstarter, included user names, email addresses, mailing addresses and encrypted passwords. While actual passwords weren’t revealed in the security breach, it’s still probably a good idea to stop reading this article right now and go change your Kickstarter password. Kickstarter suggests you also change the password of any other accounts that share your Kickstarter password, if you engage in that particularly unsound security practice.
Kickstarter was alerted to the breach on Wednesday night. The crowdfunding site says it immediately closed the breach and “began strengthening security measures throughout the Kickstarter system”.
“We’re incredibly sorry that this happened,” Kickstarter CEO Yancey Strickler wrote at the end of his note to users. “We set a very high bar for how we serve our community, and this incident is frustrating and upsetting.”
by Philip Michaels, TechHive