Skip to main content

Kickstarter API security bug exposed 77,000 projects

Kickstarter security
Image used with permission by copyright holder

Crowdfunding powerhouse Kickstarter suffered its first high-profile security screw-up on Friday, which resulted in the early exposure of approximately 77,000 projects, the company announced on Sunday after being contacted by the Wall Street Journal.
No credit card data, or other highly sensitive information, was revealed through the security hole, the company said.

“The bug was introduced when we launched the API in conjunction with our new homepage on April 24, and was live until it was discovered and fixed on Friday, May 11, at 1:42pm,” wrote Yancey Strickler, co-founder of Kickstarter, on the company blog. “The bug made accessible the project description, goal, duration, rewards, video, image, location, category, and user name for unlaunched projects. No account or financial data was made accessible.”

Recommended Videos

According to Strickler, only 48 projects were exposed beyond what the Wall Street Journal accessed for its report.

While the security hole may have not exposed financial data, it does serve as a stark reminder the vulnerabilities of handing over credit card information to a website.

Launched in 2008, Kickstarter has quickly become the go-to place for artists, game-makers, and technology entrepreneurs to gain funding and exposure for their embryonic ideas. Kickstarter, which takes a 5 percent cut of all funds pledged to successful projects, raise nearly $100 million for 27,000 projects last year, and has become something of a household name in the past few months. Kickstarter recently announced that it has raised a total of $200 million over the past three years.

One project, the Pebble smartwatch, which connects via Bluetooth with Android and iPhone smartphones, recently became the highest-funded project in Kickstarter history, having raised about $10.2 million — more than 100 times its original goal of $100,000 — with four days left to go, at the time of this writing. The Pebble watch itself is completely sold out.

Those who pledge money to Kicstarter projects are not investors in the same way venture capitalists or stock holders are investors. Instead, money pledged on to a Kickstarter project is most often a kind of pre-order for the product itself. If you pledged a certain minimum amount toward the Pebble watch, for example, then you are in line to receive an early edition of the watch, plus other perks, like personalized messages from the co-founders, or other exclusive benefits. The money pledged is usually used to get the business off the ground, such as paying for production costs. To pledge on Kickstarter is to be the earliest of early adopters; you are buying something that often times doesn’t even yet exist.

Whether or not last week’s security breach affects Kickstarter’s business is yet to be seen; however, we would wager that not many will be put off by a security lapse that exposed nothing more than some untested projects.

Andrew Couts
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
How to change margins in Google Docs
Laptop Working from Home

When you create a document in Google Docs, you may need to adjust the space between the edge of the page and the content -- the margins. For instance, many professors have requirements for the margin sizes you must use for college papers.

You can easily change the left, right, top, and bottom margins in Google Docs and have a few different ways to do it.

Read more
What is Microsoft Teams? How to use the collaboration app
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Online team collaboration is the new norm as companies spread their workforce across the globe. Gone are the days of primarily relying on group emails, as teams can now work together in real time using an instant chat-style interface, no matter where they are.

Using Microsoft Teams affords video conferencing, real-time discussions, document sharing and editing, and more for companies and corporations. It's one of many collaboration tools designed to bring company workers together in an online space. It’s not designed for communicating with family and friends, but for colleagues and clients.

Read more
Microsoft Word vs. Google Docs
A person using a laptop that displays various Microsoft Office apps.

For the last few decades, Microsoft Word has been the de facto standard for word processors across the working world. That's finally starting to shift, and it looks like one of Google's productivity apps is the heir apparent. The company's Google Docs solution (or to be specific, the integrated word processor) is cross-platform and interoperable, automatically syncs, is easily shareable, and perhaps best of all, is free.

However, using Google Docs proves it still has a long way to go before it can match all of Word's features -- Microsoft has been developing its word processor for over 30 years, after all, and millions still use Microsoft Word. Will Google Docs' low barrier to entry and cross-platform functionality win out? Let's break down each word processor in terms of features and capabilities to help you determine which is best for your needs.
How does each word processing program compare?
To put it lightly, Microsoft Word has an incredible advantage over Google Docs in terms of raw technical capability. From relatively humble beginnings in the 1980s, Microsoft has added new tools and options in each successive version. Most of the essential editing tools are available in Google Docs, but users who are used to Word will find it limited.

Read more