Kickstarter users, get ready to change those passwords: earlier this week, the popular crowdfunding website was attacked by hackers.
On February 12, Kickstarter was notified by members of law enforcement concerning the hacking, but it wasn’t until February 15 that CEO Yancey Strickler announced the bad news on the Kickstarter Blog.
If you want to read the update in full, you may do so here. However, for your convenience, here are the cliff notes:
– Credit Card information was not received by the hackers.
In fact, Kickstarter does not store full credit card numbers: “For pledges outside the US,” Yancey said, “we store the last four digits and expiration dates for credit cards. None of this data was in any way accessed.”
– The only hints of unauthorized activity were found on two accounts, which have since been secured. The owners of these accounts have been notified, as well.
– As a safety precaution, all Facebook login credentials were reset. If you sign in to Kickstarter via Facebook, the only thing you have to do is reconnect.
Since this incident, the Kickstarter team has expressed regret over this turn of events, and has reached out to users via their blog, twitter, and email: “We’re incredibly sorry that this happened.” Strickler said, “We set a very high bar for how we serve our community, and this incident is frustrating and upsetting.”
Strickler assured users that the breach has been closed, and that the Kickstarter team will do their best to improve security, in hopes that an incident like this will never happen again.