Crowd-funding website Kickstarter was attacked by hackers who "sought and gained unauthorized access to some of our customers' data" on Wednesday night, CEO Yancey Strickler announced today. Strickler also noted that the reason he waited to announce this was to investigate the situation thoroughly first.
"No credit card data of any kind was accessed by hackers," wrote Strickler. "There is no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts.
"While no credit card data was accessed, some information about our customers was. Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one."
Strickler also strongly recommended that all Kickstarter users change their passwords, as well as changing the passwords of any accounts on other websites that use the same password. He also noted that users who log in via Facebook had their login credentials reset and will have to log-in again.