Crowdfunding website Kickster has been subject to a security breach on Wednesday, stealing user details.
In a blog post, Chief Executive Officer Yancey Strickler detailed exactly what data was accessed:
“No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts. While no credit card data was accessed, some information about our customers was. Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords.”
He explained that even though the passwords are encrypted, anyone with enough determination and computer power would be able to crack them. Because of this, it is advised that anyone with a Kickstarter account change their password, as well as any other online accounts that shares the same one.
Credit card data is apparently safe as Kickstarter doesn’t store complete credit card details, only the final four digits and expiry date.
It is refreshingly honest to see such a large website being frank and honest about what data was exposed, why and how they plan on preventing it in the future. With the 2011 PSN hacking still fresh in the mind of many gamers, receiving a quick and informative response is a welcome change from the usual PR run-around.