Popular crowdfunding platform revealed over the weekend
that it had been struck by cyberattack last wednesday, and confirmed that while "no credit card data of any kind was accessed by hackers", intruders did gain access to user account information including "usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords"
Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.
As a precaution, we strongly recommend that you change the password of your Kickstarter account, and other accounts where you use this password.
To change your password, log in to your account at Kickstarter.com and look for the banner at the top of the page to create a new, secure password. We recommend you do the same on other sites where you use this password. For additional help with password security, we recommend tools like 1Password and LastPass.
We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come. We are working closely with law enforcement, and we are doing everything in our power to prevent this from happening again.
Complete details and an additional security FAQ can be found on this blog post
by Kickstarter CEO Yancey Strickler.