Popular crowdsourcing site Kickstarter should think about crowdfunding some tighter security. The site notified users on Saturday their personal information may have been compromised due to a hacking incident.
In an email sent to Kickstarter users, company CEO Yancey Strickler writes that "No credit card data of any kind was accessed by the hackers" and that "There is no evidence of unauthorized activity of any kind on your account."
It is not yet clear who performed the attack or just how many accounts were affected, but Kickstarter has emphasized that all users should change their passwords on Kickstarter and other sites where they use the same logins.
A writer for ZDnet says that he thinks the notification is a good move on Kickstarter's part, writing "Other companies should follow the same transparent ideal and admit when something like this happens so that customers and members can take immediate action."
While there has been no official follow up on the exact details of the hack, the company did post a short Q and A on their blog that sheds some more light on the situation.
Among the questions were how the Kickstarter encrypts their passwords (newer ones are hashed), whether or not they store credit card data (they don't), and why they notified people Saturday when they had found out they were hacked on Wednesday (they had to investigate).
Along with the Kickstarter hack, Forbes had a username/password database released online by the Syrian Electronic Army.