This afternoon Kickstarter sent a message out to users detailing a hacker attack on their network. This network attack apparently had hackers given access to email addresses, mailing addresses, phone numbers, and encrypted passwords. Most (or all) users have also received a message that suggests no further action is needed on their part – but you do need to be aware of what this all means.
According to Kickstarter’s message to users, no credit card information was shared or made available in any way to hackers in this attack. For those of you aware of what’s at stake when your details outside of the credit card realm are shared.
Kickstarter shared the following message with users:
“No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on your account.
While no credit card data was accessed, some information about our customers was. Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.” – Kickstarter
The team responsible for reporting this attack at Kickstarter let it be known that they’ve reset Facebook login credentials for all users “to secure your account.” Of course if your email, address, and phone number are all attached to your username and you can think of a combination of these doing some harm to your life, pay heed.
While it’s extremely unlikely that encrypted passwords being shared in this way would allow these hackers to access any account at all, this might also be a great time to change your passwords on other accounts – as well as Kickstarter.