KickStarter Crowd-Funding Website Hacked
Popular crowd-funding website, Kickstarter, experienced a security breach Wednesday night. February 12, 2014 hackers gained unauthorized access to Kickstarter, and data may have been breached. Kickstarter seems to be the most recent victim in the wrath of recent data breaches.
Wednesday night Kickstarter received an alert from law enforcement that a security breach may have occurred. In the security breach no credit card details were leaked. Breached data contains usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. “Older passwords were uniquely salted and digested with SHA-1 multiple times. More recent passwords are hashed with bcrypt.” Yancey Strickler, Kickstarter CEO stated.
The data breach does not contain any credit card information, but the data leaked is still sensitive and can be used for malicious intent and by spammers. Kickstarter put out an official notice February 15, 2014. Kickstarter has just notified the public as they were investigating and patching past exploits. Kickstarter has not noticed any unauthorized activity on user accounts, aside from two, but are urging users to change their passwords for security precautions.
Potential hackers or hacking groups have not taken any credit for the breach. Kickstarter has taken the breach very seriously and in a professional manner. Many other company’s recently have fallen or collapsed due to poor security and management. Kickstarter has taken a professional approach and is working directly with every user to secure their account.