Skip to main content

Kickstarter hacked, user data stolen, credit cards safe

Announced on the official Kickstarter blog earlier today, the popular crowdfunding site has been hacked by an unknown party earlier this week and law enforcement officials are currently investigating. According to Kickstarter co-founder Yancey Strickler, data accessed and potentially stolen from the company servers included usernames, email addresses, mailing addresses, phone numbers and encrypted passwords. Perhaps the only silver lining of the incident was that no credit card data was accessed or stolen from users that previously backed Kickstarter projects.

However, the thieves could attempt to crack the encrypted passwords, thus providing them access to a password that’s linked a specific user. Since many people use the same or similar passwords on various sites around the Web, that Kickstarter password would be reused at another popular site like social networks for instance. Detailed on the blog, Strickler is encouraging users to reset their password on their Kickstarter account as well as any site on which that password is also currently used. 

Recommended Videos

Apologizing directly for the incident, Strickler said “We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come. We are working closely with law enforcement, and we are doing everything in our power to prevent this from happening again.”

If any Kickstarter users have a question about their personal data, a FAQ has been added to the bottom of the blog post. Interestingly, Kickstarter does not store full credit card numbers for pledges on U.S based projects, but does store data for pledges on projects outside of the United States. That data includes the last four digits of the credit card account number in addition to the expiration date on the card.

Mike Flacy
By day, I'm the content and social media manager for High-Def Digest, Steve's Digicams and The CheckOut on Ben's Bargains…
Topics
Use Comcast for internet? Your personal data may have been hacked
A building with the Xfinity logo on it.

Comcast, alongside several other big corporations, has recently suffered a devastating data breach. According to reports, it's possible that hackers got their hands on the data of up to 36 million Comcast Xfinity customers, meaning the company's cable television and internet department. Although the company is pretty tight-lipped about it, the data breach occurred over two months ago. Here's what we know and what you should do to protect yourself.

The hackers were able to access those masses of customer information through a vulnerability known as "CitrixBleed." It's found in Citrix networking devices that Comcast and other huge corporations use. The exploit was initially discovered in August and appears to have been used in cyberattacks on not just Comcast but also many other companies, including Boeing.

Read more
This Mac malware can steal your credit card data in seconds
Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Despite their reputation for security, Macs can still get viruses, and that’s just been proven by a malicious new Mac malware that can steal your credit card info and send it back to the attacker, ready to be exploited. It’s a reminder to be careful when opening apps from unknown sources.

The malware, dubbed MacStealer, was discovered by Uptycs, a threat research firm. It hoovers up a wide array of your personal data, including the iCloud Keychain password database, credit card data, cryptocurrency wallet credentials, browser cookies, documents, and more. That means there’s a lot that could be at risk if it gains a foothold on your Mac.

Read more
Hack involved the data of a nation’s entire population
A depiction of a hacker breaking into a system via the use of code.

Hackers are well known to nab customer data held by companies, but obtaining the personal data of pretty much all of the residents of a single nation in one fell swoop takes the nefarious practice to a whole new level.

The remarkable feat was allegedly performed by a 25-year-old Dutch hacker who, when arrested by police, had in his possession personal data linked to pretty much every resident of Austria -- about nine million people.

Read more