And, it took the company three days from the time it learned of the hack to inform its community about the breach.
Kickstarter disclosed the hack in its blog on February 15, saying the hack “accessed information including usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords.”
“Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one,” Kickstarter says.
The company says no credit card information was obtained.
Kickstarter apologized for the breach and said it has upgraded, and will continue to improve, security procedures. It advised users to change their Kickstarter passwords and to change their passwords on other sites where they use the same password.
It took Kickstarter three days from the time it learned of the hack from law enforcement authorities on the evening of February 12 to inform its community about the hack on February 15.
Of the delay, Kickstarter says: “We immediately closed the breach and notified everyone as soon as we had thoroughly investigated the situation.”
In 2013, Kickstarter projects attracted $480 million in funding from 3 million people, the company says.
Here are a videos from a few travel-related Kickstarter projects: