Hackers access customer data on Kickstarter fundraising site

PUBLISHED : Monday, 17 February, 2014, 9:29pm
UPDATED : Tuesday, 18 February, 2014, 4:27am


Online fundraising site Kickstarter says hackers have got hold of some of its customer data.

Kickstarter co-founder Yancey Strickler said in a blog post that hackers accessed usernames, e-mail addresses, phone numbers and passwords.

The passwords are encrypted, but the company said it's possible for a hacker to guess a weak or obvious password. It recommended that users change their passwords.

Hackers did not get credit card information, said New York-based Kickstarter, but two accounts saw unauthorised activity.

Kickstarter is one of dozens of crowdfunding websites that let people raise money from donors for projects.

Kickstarter campaigns have included Zach Braff and Spike Lee movies, a brewery, arts projects and business start-ups.

The company said it learned about the breach from a law enforcement agency on Wednesday and closed it immediately.

"We're incredibly sorry that this happened," Strickler wrote. "We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways." He added that the company is "working closely with law enforcement".

Kickstarter was founded five years ago and has collected US$982 million for more than 56,000 projects, according to its website. It says it has collected pledges from more than 5.6 million people.

The breach comes after discount retailer Target said it believes hackers infiltrated the computers of one of its vendors, and installed malicious software in Target's checkout system for its 1,800 US stores.

Experts believe the thieves gained access during the busy holiday season to about 40 million credit and debit card numbers. They also got the personal information - including names, email addresses, phone numbers and home addresses - of as many as 70 million customers.