security

Change that Kickstarter password -- crowdfunding website gets hit by hackers

Kickstarter backers received an unwanted reward Saturday if they have an account with the crowdfunding site—a security notice that hackers have gained access to some customer data.

Kickstarter stressed both in a blog post on the incident and in the email that went out to project organizers and backers that hackers hadn’t accessed any credit card data. The crowdfunding site also hasn’t found any evidence of unauthorized activities on accounts.

What hackers were able to get their hands on, according to Kickstarter, included user names, email addresses, mailing addresses, and encrypted passwords. While actual passwords weren’t revealed in the security breach, it’s still probably a good idea to stop reading this article right now and go change your Kickstarter password. Kickstarter suggests you also change the password of any other accounts that share your Kickstarter password, if you engage in that particularly unsound security practice.

kickstarter email

A portion of the email alert Kickstarter sent to account holders Saturday

Kickstarter was alerted to the breach Wednesday night. The crowdfunding site says it immediately closed the breach and “began strengthening security measures throughout the Kickstarter system.”

“We’re incredibly sorry that this happened,” Kickstarter CEO Yancey Strickler writes at the end of his note to users. “We set a very high bar for how we serve our community, and this incident is frustrating and upsetting.”

Subscribe to the Security Watch Newsletter

Comments