Skip to main content

Kickstarter hacked, user data stolen, credit cards safe

amazon kickstarter site logo large
Image used with permission by copyright holder

Announced on the official Kickstarter blog earlier today, the popular crowdfunding site has been hacked by an unknown party earlier this week and law enforcement officials are currently investigating. According to Kickstarter co-founder Yancey Strickler, data accessed and potentially stolen from the company servers included usernames, email addresses, mailing addresses, phone numbers and encrypted passwords. Perhaps the only silver lining of the incident was that no credit card data was accessed or stolen from users that previously backed Kickstarter projects.

However, the thieves could attempt to crack the encrypted passwords, thus providing them access to a password that’s linked a specific user. Since many people use the same or similar passwords on various sites around the Web, that Kickstarter password would be reused at another popular site like social networks for instance. Detailed on the blog, Strickler is encouraging users to reset their password on their Kickstarter account as well as any site on which that password is also currently used. 

Apologizing directly for the incident, Strickler said “We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come. We are working closely with law enforcement, and we are doing everything in our power to prevent this from happening again.”

If any Kickstarter users have a question about their personal data, a FAQ has been added to the bottom of the blog post. Interestingly, Kickstarter does not store full credit card numbers for pledges on U.S based projects, but does store data for pledges on projects outside of the United States. That data includes the last four digits of the credit card account number in addition to the expiration date on the card.

Topics
Mike Flacy
By day, I'm the content and social media manager for High-Def Digest, Steve's Digicams and The CheckOut on Ben's Bargains…
Chrome extensions with 1.4M users may have stolen your data
Google Chrome icon in mac dock.

McAfee researchers have discovered various Google Chrome extensions that steal browsing activity, with the add-ons racking up more than a million downloads.

As reported by Bleeping Computer, threat analysts at the digital security company have come across a total of five such malicious extensions.

Read more
Hacking-as-a-service lets hackers steal your data for just $10
A depiction of a hacker breaking into a system via the use of code.

A new (and cheap) service that offers hackers a straightforward method to set up a base where they manage and perform their cyber crimes has been discovered -- and it’s gaining traction.

As reported by Bleeping Computer, security researchers unearthed a program called Dark Utilities, effectively providing a command and control (C2) center.

Read more
A data breach can cost millions of dollars — and you might be paying it
A dark mystery hand typing on a laptop computer at night.

According to a recent report from IBM Security, data breach costs are constantly on the rise. Unfortunately, this spells bad news not just for the companies involved, but also for the customers -- in more ways than one.

The report, which states that an average data breach is now estimated to cost $4.4 million, exposes the fact that the skyrocketing costs of data breaches directly affect the prices paid by the end customer.

Read more