Having encrypted passwords won't immediately give hackers the ability to impersonate Kickstarter users. But if a user chose a weak password, then the hacker may be able to use password-cracking software to guess users' passwords. Therefore, users should immediately change their Kickstarter passwords. And if they re-used the password on other sites, the password should be changed there, too.
Strickler says the company learned of the breach on Wednesday evening and has been working hard to resolve the issue since then: "We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come."