Kickstarter Data Breach: 3 takeaways from the latest mass hacking

Privacy

Written by:

Kickstarter Data BreachOver the weekend (this past Saturday, February 15), I got an email from the popular online crowdfunding platform Kickstarter, informing me that my account may have been compromised.

Kickstarter CEO Yancey Strickler assured me, and all other Kickstarter users, that no credit card information was stolen, but that my name and other “usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords” were accessed by the hackers.

Data breaches are officially a constant occurrence, but I’m not sure if the threat feels real enough to everyone surfing the web. By the time a data breach notification email lands in your inbox, the crime has already been committed, and its repercussions are unpredictable.

Kickstarter data breach translated: A cyber criminal (imagine a thief or burglar in the offline world) now has my email, phone number, and mailing address. This individual (or criminal group, more likely) could call my cell phone or show up to my house after work. That’s downright frightening. And now my personal information (as in the case of the Target data breach) could be sold on the black market, viewed by strangers, and used against me.

Is someone actually going to call me or show up at my house? Probably not. More likely, they’ll see if the encrypted password to my Kickstarter account is the same password I use at other sites and try to take advantage of it. Strickler even says in his email that the hacker(s) could crack my encrypted passcode.

Is the data breach resolved, as Kickstarter implies?

The Kickstarter data breach email encouraged recipients to change their account passwords. If you don’t use secure, differentiated passwords across the web, this of course means you need to change your password(s) everywhere.

The weekend email from Kickstarter also says that it has boosted security “in numerous ways,” and that they “immediately closed the security breach.” So it was that easy? Such a mass data breach being identified and completely fixed so quickly seems a little too rosy.

Kickstarter’s handling of their data breach is more timely than other recently hacked companies, though. Many breaches don’t surface to the public for months. Take Kaiser, for example.

Takeaway #1: Be selective about who you give your information, and be skeptical about what companies tell you when they lose your data.

Be smarter about how you use the web

Recently, countless data breaches at major companies (including Target and Neiman Marcus during the 2013 holiday season) have made it clear that companies aren’t doing enough to stay ahead of cybercrime.

How can you trust any company to safeguard your info?

Giving out personal data on the web is an accident waiting to happen. Even sites with good intentions—like Kickstarter—are at risk.

This doesn’t mean that you shouldn’t participate in the wonders of the web. Kickstarter’s online platform allowed 3 million people to fund over 19,000 creative projects (totaling over $480 million pledged dollars) in 2013 alone. The Kickstarter project that I contributed to this year saved the independent movie theater in my hometown from shutting down.

Takeaway #2: The answer is not abandoning the incredible resources the internet has to offer; the answer is smarter participation.

Kickstarter data breach

Kickstarter shares its 2013 highlights

Abine’s DoNotTrackMe encourages smarter participation

Abine’s goal is to provide you with tools to better protect your identity while you engage online. We created DoNotTrackMe because we want users to be able to crowdfund a project, and do whatever else they want on the web, without jeopardizing their well-being. DoNotTrackMe is available for free.

The Kickstarter data breach is further confirmation that any information you put online is at risk of getting in the wrong hands. It’s time for internet users to proactively protect themselves on the internet.

Takeaway #3: There are tools out there to help you stay safer and participate smarter on the web. DoNotTrackMe is one of them.

You can find the Kickstarter data breach security notification from Strickler here.

6 Replies to “Kickstarter Data Breach: 3 takeaways from the latest mass hacking”

  1. Ed Lammers says:

    Each day when I watch the news, or receive an email from Abine about another hack incident,
    I thank my lucky stars that I am a DoNotTrackMe Premium member and belong to DeleteMe !

    You people, hard at work every day, protect me and my wife with your ‘cutting-edge’ tools – and
    you never stop.

    Never think that you are taken for granted.

    Thank you for everything you do for me and my wife each day.

    Ed Lammers

  2. Bill says:

    A GOOD description that applies to my feelings–and probably those of countless others!

  3. As you said, putting your personal information out there means putting yourself at risk. But it’s not as if we are all going to give up online shopping anytime soon. Consumers need to keep a close eye on all the sites they have their credit cards or identities too and the minute something looks fishy pull the plug! Obviously we all hope the sites themselves will protect our data but don’t put out more information than you absolutely have to.

    • Hi Jessica,

      You’re right, online shopping is here to stay. With Abine’s Masked Credit Cards, you can shop online without ever giving out your real credit card number. This feature, as well as our Masked Phone Number Service, is available with a premium DoNotTrackMe subscription. I’m a frequent online shopper myself, and I use masked cards every time!

  4. Teachings: Follow these easy measures attentively to get Free Imvu Credits

Leave a Reply