Security alert: You should change your password if you have a Kickstarter account.
The crowdfunding website announced on Saturday it had a security breach, which resulted in some user information being compromised. Kickstarter CEO Yancey Strickler wrote in a letter to users that hackers did not access credit card information, but they did get usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords.
“Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one,” he wrote.
Kickstarter did not immediately respond to questions about how many accounts were affected by the breach.*
“On Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers’ data,” Strickler wrote. “Upon learning this, we immediately closed the security breach and began strengthening security measures throughout the Kickstarter system.”
As part of its precautions, Kickstarter has asked users to change their passwords. Anyone with questions or concerns should email accountsecurity@kickstarter.com.
“We’re incredibly sorry that this happened,” Strickler wrote. “We set a very high bar for how we serve our community, and this incident is frustrating and upsetting.”
*Update: According to a response from Kickstarter, “There is no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts.”
Illustration by Jason Reed