Crowd funding website, Kickstarter was broken into by hackers on Wednesday, the 12th of February.
Yesterday, the company’s CEO Yancey Strickler, announced at their blog that they had been hacked and apologized for the same.
Apparently Kickstarter were notified by Law Enforcement Officials, on Wednesday night, that a data breach had occurred, and the hackers had gained unauthorized access to some of their users’ data. Kickstarter immediately patched the loophole, and strengthened their security system.
This is what they said,
No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts.
We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come. We are working closely with law enforcement, and we are doing everything in our power to prevent this from happening again.
They assured users that no credit card information was accessed, since they do not store them on their server. But they admitted that usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords of some users had been stolen. A hacker could easily break an encrypted password if it was weak, or by using some tools. Kickstarter has asked all users to change their passwords, not only at their website, but also for other websites and services where the same password is used.
via: The Washington Post