Kickstarter

In February 2014, Kickstarter, the renowned crowdfunding platform, fell victim to a significant data breach that compromised the personal information of approximately 5.2 million users. The breach was discovered when law enforcement officials alerted Kickstarter to unauthorized access of their systems. The exposed data encompassed usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. While no credit card information was accessed, the breach raised concerns due to the potential for encrypted passwords to be deciphered, especially if they were weak or commonly used. Kickstarter employed different encryption methods over time, with older passwords protected by salted SHA-1 hashing and more recent ones by bcrypt.

Data Included in the Breach