Kickstarter Hacked – Takes Three Days to Tell Anyone

February 16, 2014Leave a reply

The popular crowd source finance site Kickstarter was hacked!  In an email received today, Kickstarter CEO Yancey

Strickler statedOn Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers’ data.”

Now, think about this for a second.  First, Kickstarter knew this past Wednesday that they had been hacked, and, only now are telling customers about it.  That’s three days that the hackers had to use the data they stole.  Second, Kickstarter had no idea they had been hacked.  They were told by “law enforcement officials” that they had been hacked.  I’ll bet their security people are having nightmares about theforthcoming pink slips about now.kickstarterhack

But Wait!  There’s More!

Again, from the email Kickstarter sent to customers, “As a precaution, we have reset your Facebook login credentials to secure your account. No further action is necessary on your part.“.  Well, I do have to give it to Kickstarter for closing the hole (speculation here, but it looks like it’s in their FB Connect systems or related code).  But, it might not be a bad idea to change your Facebook account password about now.

Good News!  It Wasn’t A Total Loss!

Kickstarter also said that. “No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on your account.”.   I am happy that Kickstarter didn’t lose my credit card data.  But I think I’m changing my PIN anyway, and check the account a couple times a day for a while.  And my Kickstarter account is more than likely going to be totally reset as well.

What’s The Lesson?

The simple lesson is that nobody is safe.  Kickstarter is a good company, with a popular online product, and good people working for them.  And if they can get hacked, so can you.  What’s the Lesson?  Keep your security updated.  Make sure your anti-virus is backed up with an anti-malware system in addition to remote cloud backups.  Don’t go surfing strange sites.  And change your passwords on a regular basis.

Need help getting all that done?  Click on our Contact link (above) and let us know.