We here at Big Shiny Robot! love Kickstarter, and many of us have recommended supporting some of the various campaigns there. Hell, a few of us have even used the crowd funding site to help finance some of our own ventures.
Well, according to a statement from the company, criminals have managed to infiltrate the site and accessed encrypted personal information, including mailing addresses, phone numbers, email addresses and passwords. The actual attack took place Wednesday, but Kickstarter waited until today to release a statement to ensure they knew exactly what was stolen.
CEO Yancey Strickler included this in the release:
While no credit card data was accessed, some information about our customers was. Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.
As a precaution, we strongly recommend that you create a new password for your Kickstarter account, and other accounts where you use this password.
The press release goes on further to say that the security holes have been patched and that the site is now secure and safe for use.
You can go here to read the full announcement.