|Kickstarter Hack Attack Leaks User Passwords|
|By JON M. CHANG||Feb 17, 2014, 2:24 PM|
"On Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers' data," Kickstarter CEO Yancey Strickler wrote on Feb. 15 in the company's blog. "Accessed information included usernames, email addresses, mailing addresses, phone numbers and encrypted passwords."
However, Strickler said that no credit card information was leaked, and that unauthorized activity was detected on only two accounts. He added that Kickstarter itself does not store full credit card numbers. While the company does hold onto the last four digits and expiration dates for credit cards making pledges to projects outside of the United States, Strickler said that the hackers did not touch this data.
Though the hackers gained access to password data, the passwords themselves were encrypted. Strickler still urged Kickstarter users to change their password. "It is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one," he said.
Kickstarter declined ABC News' request for commentary beyond Strickler's post.