Kickstarter has confirmed news of a hacker attack. Details of the hack were shared on the company blog this weekend, and include mention of “unauthorized access to some” customer data. As with any sort of data hack, the first step for those with a Kickstarter account should be to change your password. And to clarify, change it to a secure password that you aren’t using anywhere else.
Having said that, while data hacks are not something that are good news for anyone, except maybe the person that did the actual hacking — there is a small silver lining here. The credit card data was not touched. Furthermore, it was also said there was “no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts.”
In terms of the data that was accessed,the folks at Kickstarter have issued the following statement;
“While no credit card data was accessed, some information about our customers was. Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.”
Despite the “actual” passwords not being revealed — you should still change your password as soon as possible. Otherwise, details on the Kickstarter hack show how the company was notified by law enforcement officials on Wednesday night. While it took a few days to send out messages to the users, it doesn’t appear the folks at Kickstarter were simply sitting around.
To that point, it was said they “immediately closed the security breach and began strengthening security measures” throughout the system. It was also said they “notified everyone as soon we [they] had thoroughly investigated the situation.” Otherwise, news of the Kickstarter data hack came with an apology.
“We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come. We are working closely with law enforcement, and we are doing everything in our power to prevent this from happening again.”