Crowdfunding website Kickstarter hacked, recommends users change passwords
Kickstarter, the fundraising platform used by millions of people to raise capital for creative projects and businesses, said on Saturday that hackers had gained access to some of its customers' data earlier this week but that the breach had been repaired.
"No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts," Kickstarter Chief Executive Officer Yancey Strickler said in a blog post on the website. It noted that it does not store credit card data.
Recent data breaches at Target Corp and Neiman Marcus NMRCUS.UL have sparked concern from U.S. lawmakers and consumers over who should bear the cost of consumer losses and how to improve cybersecurity.
Kickstarter's information that was accessed without authority included user names, email addresses, mailing addresses, phone numbers and encrypted passwords, said Kickstarter, which was informed of the breach by law enforcement officials on Wednesday night.
It added that while passwords were not revealed, persons with computer expertise could still decipher encrypted passwords, and recommended users change their passwords as well as those for other sites or accounts for which the users had the same password.
Kickstarter said it had beefed up security in recent days. It also said it was working with law enforcement officials.
Kickstarter launched in 2009 as a conduit for funding of projects ranging from films and stage shows to video games and restaurant launches. Contributors to a project's launch are often compensated with rewards, discounts, credits or other offers from the projects they help fund.
Since its launch more than 100,000 projects have been funded, with hundreds of millions of dollars pledged.