The popular crowd-funding Web site Kickstarter has been hacked, according to an announcement on the company's blog. "We’re incredibly sorry that this happened," Kickstarter CEO Yancey Strickler writes.
No credit card information was exposed by the breach, Strickler writes. But other information may have been exposed, including "usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords."
Having encrypted passwords won't immediately give hackers the ability to impersonate Kickstarter users. But if a user chose a weak password, then the hacker may be able to use password-cracking software to guess users' passwords. Therefore, users should immediately change their Kickstarter passwords. And if they re-used the password on other sites, the password should be changed there, too.
Strickler says the company learned of the breach on Wednesday evening and has been working hard to resolve the issue since then: "We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come."
Kickstarter is only the latest company to be successfully targeted by hackers. Snapchat, Yahoo, Target, and Neiman Marcus have all had customer data compromised over the last two months. It's an important reminder for every company that holds customer data to take security concerns more seriously.