Printed from http://www.electronista.com

Crowdfunding site Kickstarter hacked, customer data accessed

updated 08:11 pm EST, Sat February 15, 2014

Payment details not taken by hackers in Kickstarter intrusion

Customer data from popular crowd-funding site Kickstarter, famous for helping launch the Ouya and Pebble smart watch, has been taken by hackers, the company has revealed. Usernames, e-mail addresses, mailing addresses, phone numbers, and encrypted passwords of a number of accounts were accessed in the intrusion, though the company stresses in a blog post that payment information, such as partial credit card numbers, were not taken in the attack.

It was not revealed how the site was breached, but it is said that the vulnerability was closed on Wednesday after law enforcement officials contacted Kickstarter. The extent of the attack appears to be minimal as a later update states that just two accounts were compromised, with the company helping the account holders secure their details, but the company is still taking precautions in case more are affected.

Pebble smart watch, a Kickstarter-funded project
Pebble smart watch, a Kickstarter-funded project


Since passwords were taken in the intrusion, Kickstarter CEO Yancey Strickler strongly recommends "that you create a new password for your Kickstarter account, and other accounts where you use this password." Older passwords were "uniquely salted and digested with SHA-1 multiple times," with newer passwords hashed with bcrypt. Full credit card numbers were not stored on the site, except for the last four digits and expiry dates of credit cards for users outside of the US, but this was not accessed. The site has also reset all Facebook credentials as an extra precaution, with users of the social network's login feature needing to reconnect their account.

The hacking of Kickstarter comes after a number of other high-profile intrusions in recent months. Account details for Yahoo Mail and Snapchat were found to have been taken during similar incidents last month, while a breach at retailer Target saw millions of customer records, including credit and debit card information, pulled by attackers.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. The Vicar

    Junior Member

    Joined: 07-01-09

    If they're citing the Ouya as the best they can do, then they deserve to be hacked. That thing is garbage.

  1. besson3c

    Clinically Insane

    Joined: 03-03-01

    You know that Kickstarter didn't actually build the Ouya, right?

  1. azrich

    Fresh-Faced Recruit

    Joined: 04-19-10

    Would this explain a seemingly simultaneous increase in spam email? Just curious.

  1. Spheric Harlot

    Clinically Insane

    Joined: 11-07-99

    Originally Posted by The VicarView Post

    If they're citing the Ouya as the best they can do, then they deserve to be hacked. That thing is garbage.



    They didn't "do" the Ouya, any more than they "did" the relaunch of Carmageddon.

    They merely provided a platform for people to fund development.

    But hell, am I thankful for that latter one!

  1. The Vicar

    Junior Member

    Joined: 07-01-09

    @besson3c:

    "You know that Kickstarter didn't actually build the Ouya, right?"

    Yes. Believe it or not, I actually know what Kickstarter does: they help people raise money to start projects which are usually so ill-conceived that they can't even find commercial backing. And my point is: if they're looking for examples of stuff Kickstarter got started which are supposed to make us respect the site, and they can't find anything better than the piece of garbage which is the Ouya, then Kickstarter's reputation as a breeding ground for scams and worthless trash is well-deserved.

  1. Spheric Harlot

    Clinically Insane

    Joined: 11-07-99

    That the people who wrote this article couldn't find a better example isn't necessarily Kickstarter's problem.

  1. Grendelmon

    Dedicated MacNNer

    Joined: 12-26-07

    Originally Posted by The VicarView Post

    @besson3c:

    "You know that Kickstarter didn't actually build the Ouya, right?"

    Yes. Believe it or not, I actually know what Kickstarter does: they help people raise money to start projects which are usually so ill-conceived that they can't even find commercial backing. And my point is: if they're looking for examples of stuff Kickstarter got started which are supposed to make us respect the site, and they can't find anything better than the piece of garbage which is the Ouya, then Kickstarter's reputation as a breeding ground for scams and worthless trash is well-deserved.



    That's obviously Electronista's opinion. And FWIW, nobody cares what you think about the Ouya, much less Kickstarter.

  1. andrewbw

    Fresh-Faced Recruit

    Joined: 01-31-01

    People like The Vicar maintain MacNN/Electronista's reputation as a breeding ground for ill-informed, churlish, obnoxious members, too stupid to understand the very things they comment on, and confused why the MacNN message boards are a ghost town. Must be disheartening to the hard-working folks who are doing their best to run a website here.

  1. Spheric Harlot

    Clinically Insane

    Joined: 11-07-99

    Yeah, but you're not wearing any pants!

  1. EstaNightshift

    MacNN Staff

    Joined: 07-19-12

    Originally Posted by GrendelmonView Post

    That's obviously Electronista's opinion. And FWIW, nobody cares what you think about the Ouya, much less Kickstarter.



    What's Electronista's opinion, that Kickstarter generated a TON of money for both the Ouya and the Pebble? That's not so much opinion, really.

    I don't believe the author weighed in any opinion on Kickstarter as a venue, Ouya, or the Pebble.

    That the people who wrote this article couldn't find a better example isn't necessarily Kickstarter's problem.

    I believe the author picked two of the larger projects funded by them that we cover. The point of the article wasn't to point out the successes or failures of crowdsourcing (or Kickstarter) other than to point out the data breach.

    Personally, I wanted to get in on Steve Jackson's Ogre set, but alas.

    Thread is closed.

  1. Arne_Saknussemm

    Forum Regular

    Joined: 04-05-11

    Yeah, but you're not wearing any pants!
    -HILARIOUS!
    Ah, and Apple has peaked

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Cat B100

Cat is primarily known for its heavy-duty machinery used in the construction industry and farming, among other areas. What may not be ...

Linksys EA6900 AC Router

As 802.11ac networking begins to makes its way into more and more devices, you may find yourself considering an upgrade for your home ...

D-Link DIR-510L 802.11AC travel router

Having Internet access in hotels and other similar locations used to be a miasma of connectivity issues. If Wi-Fi was available, it wa ...

Sponsor

toggle

Most Commented

 
toggle

Popular News