Tuesday, February 18, 2014

What do You Mean Kickstarter Was Hacked?

On Wednesday, February 12 Kickstarter was hacked. 

Photo of Yancy Strickler from his KS Profile
According to Kickstarter CEO, Yancey Strickler, they didn't know about the incident until law enforcement officials contacted them. While it is not uncommon for law enforcement officials to know about these sort of incidents before the companies involved it is uncomfortably disheartening that an internet based company such as Kickstarter wouldn't find out about the incident first.

The hackers were able to gain access to customer usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords, but not credit card numbers. This last saving grace is apparently due to the fact that Kickstarter does not store any of your credit card information - except for the last four digits and the expiration date - and that what information is stored wasn't accessed by the hackers.

While older passwords were uniquely salted and digested with SHA-1 multiple times. More recent passwords are hashed with bcrypt. Which means that the data is reasonably safe, but it is recommended that you change your passwords to prevent industrious hackers from cracking their encrypted passwords and gaining full access to your accounts.

At this time you should be preparing yourself for the possibility that the hackers will be using your information to contact you and perpetrate a scam. Don't give out your information and contact Kickstarter about any suspicious contact you receive.

No comments:

Post a Comment

Monkey Business by Jens D., The Disoriented Ranger

For those of you who haven't yet heard Jens D of the Disoriented Ranger produced an adventure, Monkey Business . He's publi...