Kickstarter has announced that its recent hackers have collected customer data. All customers are recommended to change their passwords, especially those that are considered weak.
The only information that has not been stolen is credit card information. However, there have been two accounts on the online fundraising website that have had two unauthorized transactions, since the attack. Phone numbers, usernames, encrypted passwords and email addresses have all been taken. Of course, with access to email addresses, those accounts could also be at risk since many people use the same passwords for multiple accounts. While the passwords are currently encrypted, it will not take long for some hackers to work them out.
Kickstarter is a New-York based crowdfunding website. The idea is that businesses and individuals can raise money for their projects, through a number of donors. These can be for charitable causes or even for funding movies and journalism projects. The team is relatively small, with just 75 people. According to the website, half of them work within the community and the other half focus in coding and design.
The site launched in 2009 and has raised $982 million, through 5.6 million pledges, for various projects around the world. The site states that it has helped 56,000 projects, in total. All the projects are created individually and those who create them have full responsibility and control in marketing their crowdfunding efforts.
The recent hack took place on Wednesday, according to the company. They learned about it through law enforcement and took steps to take care of it as soon as possible. Kickstarter announced the breach on Saturday on its blog and has since admitted that the hackers stole some customer data. Yancy Strickler, co-founder of the site, apologized for the breach and announced that there has only been evidence of unauthorized transactions on two accounts.
This is not the first major and devastating hack to have taken place in the U.S., in recent weeks. Target Corp. also recently announced that it had been the victim of malicious software, after a hacking attack. This software targeted the checkout system of the 1,800 stores in the United States over the holiday season. That software stole the debit and credit card numbers of around 40 million people and the personal information – including home addresses and names – of around 70 million people.
Companies regularly become victims to hacking attacks and attempts. Even governmental bodies suffer from attacks, now and then. It is the price of using technology, especially when financial details are involved.
With the knowledge that password, username and email address information have been stolen, Kickstarter recommends that all users change their passwords. Strickler also recommends that people change passwords on other accounts, where they use the same details. For those who need help creating strong passwords, LastPass and 1Password have been recommended.
The company is focusing on creating better security for the future. At the moment, the back-end system has changed temporarily, but the developers are looking at improving this, further, over the next few months. Hopefully, hackers will never be able to get into Kickstarter and steal customer data again.
By Alexandria Ingham