The crowdfunding site Kickstarter, a popular platform for creators to fund their comics or other artistic endeavors, revealed today that their site was hacked earlier this week. They said no credit card information was compromised, but other user data was accessed.
According to the blog post, accessed information included “usernames, email addresses, mailing addresses, phone numbers and encrypted passwords. Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.” They urged users to change their password immediately.
Kickstarter found out about the breach on Wednesday, when they were contacted by law enforcement. They said they’ve only found evidence of unauthorized activity on two Kickstarter user accounts thus far. They later added that they don’t store full credit card numbers, but for pledges to projects outside of the United States, they store the last four digits and expiration dates for credit cards. Payments for domestic projects go through Amazon rather than through the Kickstarter site.