Saturday, February 15, 2014

Crowdfunding platform Kickstarter chopped - Heise Newsticker

crowdfunding platform Kickstarter has been the victim of a hacker attack. Beyond user name and e-mail addresses attacked the hackers also to encrypted passwords.

an attack on the crowdfunding platform Kickstarter customer data has been compromised. On the face of personal data of all customers were tapped, including their names, email addresses, postal addresses and phone numbers.

The encrypted passwords were also read out by the attackers. Kickstarter may never be ruled out that this could be cracked. However, the company assured older passwords are “salted” been with SHA1 and later fused with bcrypt. This Kickstarter is nevertheless careful with the data of its customers to Adobe as. The Grafikkkonzern had inadequate passwords encrypted and set the login data of at least 38 million users on the line last fall.

Who has an account with Kickstarter, which are encouraged to change their password immediately. Anyone who uses the same password for other sites, it should change there as well. Kickstarter participants who have logged in with their Facebook-login on Kickstarter need to reauthenticate on their next visit to the crowdfunding site – the security of their Facebook logins either by the hack but not endangered

.


Kickstarter assured its members to have their passwords “salted” saved. Click to enlarge
Kickstarter claims to have learned only on Wednesday by law enforcement authorities about the hack. Then, the operator closed out the security gaps over which the unknown attackers had procured access to the system. Then you have tightened the security measures throughout the system before the company last night its customers by e-mail contacted. So far, only two cases are known in which user data has been misused.

Kickstarter points out in his blog, the attack no credit card information had been compromised. The platform basically save no complete credit card numbers. For contributions to projects of non-US citizens to hold fast the last four digits and expiration date of your credit card. In this data, the attacker would, however, provides no access.

Kickstarter is a platform that creative offers the opportunity for their projects to promote direct financial support. The platform is used, among other things, of game developers, hardware designers and artists. The site currently has 5.6 million registered users. (ghi)

No comments:

Post a Comment