Kickstarter is the latest hack victim -- regains control and issues belated apology
It seems to be hacking season at the moment, with new high profile victims hitting the headlines just about every day. The latest target is Kickstarter. The website, which exists to help projects raise the funds they need to get off the ground, was hacked on Wednesday, but details of the attack -- along with an apology -- have only just been made public. If you're wondering why is has taken so many days for Kickstarter to speak out, the company has pre-empted your question and supplied a FAQ: "We immediately closed the breach and notified everyone as soon we had thoroughly investigated the situation".
In a statement on the Kickstarter website CEO Yancey Strickler explained that the company had been contacted by law enforcement officials and alerted to the activity of hackers. It's not clear what users are likely to find more alarming, the fact that the site was hacked in the first place, or the fact that it was not Kickstarter that noticed, but a third party.
Few details have been given about the number of accounts that were affected, but Kickstarter admits that hackers gained access to "usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords". Unauthorized activity was detected on just two accounts following the security breach, and these have now been secured. Strickler is quick to point out that passwords are encrypted, but conceded that "it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one".
Users are being advised to change their passwords, and a reminder is displayed in a banner at the top of the page on the first visit after the attack. Kickstarter says that its security has already been bolstered since Wednesday, but there seem to be even more fortifications planned as more security improvements are to be introduced in "the weeks and months to come".
Are you concerned by the recent state of attacks that have been launched on big websites, or is it to be expected?
Image Credit: SFerdon / Shutterstock