IE 11 is not supported. For an optimal experience visit our site on another browser.

Popular Crowdfunding Site Kickstarter Says It Was Hacked, Urges Users to Change Passwords

Chief executive Yancey Strickler says customers’ email addresses were taken, but no credit card information was obtained by hackers.
/ Source:

The burgeoning crowdfunding industry has walked with some swagger in recent weeks. But there should be more caution in its step now that one of its major players, Kickstarter, just admitted to being hacked.

New York City-based Kickstarter announced Saturday that its customers’ data had been compromised. Kickstarter learned of the hack when law enforcement officials contacted the donation-based crowdfunding platform Wednesday night informing the company that hackers had gained access to some of its customers’ data.

Related: Another Score for Crowdfunding: Indiegogo Raises $40 Million

In the hack, email addresses, user names, mailing addresses, personal phone numbers and encrypted passwords of Kickstarter customers were obtained.

While actual passwords were not obtained, Yancey Strickler, Kickstarter's chief executive, said in a blog post  that a “malicious person” with enough computing power can crack encrypted passwords, especially a password that is not complex. Strickler recommended that customers change their password for their Kickstarter account and any other accounts where a customer uses that same password.

No credit card data was obtained and no unauthorized charges were made of any kind, Strickler said. Kickstarter does not store full credit card numbers. It does store the last four digits and expiration dates of credit cards for projects based outside the U.S., but Strickler insisted that “none of this data was in any way accessed,” in the post.

Related: Indiegogo Co-Founder: When We Started, the Word 'Crowdfunding' Didn't Exist (Video)

In a separate letter to Kickstarter stakeholders, Strickler apologized for about the incident. “We set a very high bar for how we serve our community, and this incident is frustrating and upsetting,” he said. Strickler also pointed out that as soon as Kickstarter learned of the hack, it began  strengthening its security system. “We are working closely with law enforcement and we are doing everything in our power to prevent this from happening again.”

Since it’s inception in April of 2009, more than $981 million has been raised on Kickstarter for more than 56,000 projects from more than 5.6 million people.

The attack on Kickstarter is the latest in a string of hacks. Target was recently involved in a high-profile hack, as was clothing retailer Neiman Marcus.

Related: Target's Security Breach Stresses the Need for Better Cyber Security