This past weekend, Kickstarter acknowledged they had been the victim of a hacking attempt, and that the sensitive information of their customers was now at risk of being exploited on the web.
Unlike the Target breach, the hackers left the credit card information alone this time around, however they still made off with home addresses, email accounts, usernames, and encrypted passwords.
“Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one,” the site said in a blog post, adding that “as a precaution, we strongly recommend that you create a new password for your Kickstarter account, and other accounts where you use this password.”
Directly after the hole was discovered on Wednesday night, the Kickstarter security team patched the original hole and began the laborious process of rebuilding many of their network protection systems back up from scratch.
Kickstarter is already working with the proper authorities to find the source of the attack, although no formal leads have been reported to news outlets just yet.
Kickstarter co-founder Yancey Strickler took to his website to issue a formal apology to its members, and express his shared frustration with the community that helped build the business into what it is today.
“We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come. We are working closely with law enforcement, and we are doing everything in our power to prevent this from happening again.”