oopsie...kickstarter.com was compromised.

No explicit questions like "how do I hack xxx.com" please!
Post Reply
User avatar
bad_brain
Site Owner
Site Owner
Posts: 11636
Joined: 06 Apr 2005, 16:00
18
Location: In your eye floaters.
Contact:

oopsie...kickstarter.com was compromised.

Post by bad_brain »

just got this one:
On Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers' data. Upon learning this, we immediately closed the security breach and began strengthening security measures throughout the Kickstarter system.

No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on your account.

While no credit card data was accessed, some information about our customers was. Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.

As a precaution, we strongly recommend that you change the password of your Kickstarter account, and other accounts where you use this password.

To change your password, log in to your account at Kickstarter.com and look for the banner at the top of the page to create a new, secure password. We recommend you do the same on other sites where you use this password. For additional help with password security, we recommend tools like 1Password and LastPass.

We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come. We are working closely with law enforcement, and we are doing everything in our power to prevent this from happening again.

Kickstarter is a vibrant community like no other, and we can’t thank you enough for being a part of it. Please let us know if you have any questions, comments, or concerns. You can reach us at accountsecurity@kickstarter.com.

Thank you,

Yancey Strickler
Kickstarter CEO
Image

User avatar
ayu
Staff
Staff
Posts: 8109
Joined: 27 Aug 2005, 16:00
18
Contact:

Re: oopsie...kickstarter.com was compromised.

Post by ayu »

Yup same here ^^

Hoping there will be a yummy dump for me to download soon :-99
"The best place to hide a tree, is in a forest"

scatter
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 366
Joined: 01 Jan 2014, 05:22
10

Re: oopsie...kickstarter.com was compromised.

Post by scatter »

It s funny to know some companies never know they were breached unless authorities tell them but another thing: credit cards werent hacked but what about the IDs that can be sold? did they forget this part ](*,)

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:

Re: oopsie...kickstarter.com was compromised.

Post by DNR »

I am not sure what the damage could be - denying its users the ability to raise funds (funds are not stored by them) by corrupting the site. Even secret plans of new inventions are not stored here.

Just another bad hack to pressure law enforcement to restrict what we do..

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

User avatar
ayu
Staff
Staff
Posts: 8109
Joined: 27 Aug 2005, 16:00
18
Contact:

Re: oopsie...kickstarter.com was compromised.

Post by ayu »

DNR wrote:I am not sure what the damage could be - denying its users the ability to raise funds (funds are not stored by them) by corrupting the site. Even secret plans of new inventions are not stored here.

Just another bad hack to pressure law enforcement to restrict what we do..

DNR
The damage is that peoples password leak out to the public.
Loads of people (I would like to say most), reuse their passwords, and thus other people can access their bank, facebook, mail and other services if these databases are leaked.
Of course an easy solution would be to tell people to stop reusing passwords, but that would be as if we would tell everyone to stop smoking.
It's just not going to happen in the near future.
"The best place to hide a tree, is in a forest"

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11636
Joined: 06 Apr 2005, 16:00
18
Location: In your eye floaters.
Contact:

Re: oopsie...kickstarter.com was compromised.

Post by bad_brain »

hopefully a dump shows up soon, I am really interested in what kind of hashing they use for the user passwords... :-k
Image

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:

Re: oopsie...kickstarter.com was compromised.

Post by DNR »

huh, people reuse the same password? isn't that weak opsec?

:lol:

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11636
Joined: 06 Apr 2005, 16:00
18
Location: In your eye floaters.
Contact:

Re: oopsie...kickstarter.com was compromised.

Post by bad_brain »

actually I do too....but only on "I don't give a crap anyway" accounts, from which I have plenty... :lol:
Image

Post Reply