Kickstarter was hacked, announced the New York-based popular crowdfunding website in an email sent out on Saturday.
Kickerstarter said that no credit card data of any kind was accessed by hackers, nor was there evidence of unauthorized activity on the accounts. But some information of users, including usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords, were breached.
While the crowdfunding site have only a limited number of users and projects, the implications of the hack may worry the backers of each project. A project may be setup under an username, but it may have thousands of backers who made pledges and entered their credit card information.
Upon notification by the police authorities, Kickstarter immediately closed the security breach and began strengthening security measures throughout the Kickstarter system.
"Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one," said Kickstarter CEO Yancey Strickler in the email send out to all users.
As a precautionary measure, the company recommend that users to log in to their account to create a new, secure password.
"We're incredibly sorry that this happened," said Strickler. "We set a very high bar for how we serve our community, and this incident is frustrating and upsetting."
Strickler affirmed that they are working closely with law enforcement and will do everything that they can to stop this from happening account.
