Author Topic: Kickstarter Hacked?  (Read 6406 times)

0 Members and 1 Guest are viewing this topic.

Offline dexters_lab

  • Supporter
  • ****
  • Posts: 1853
  • Country: gb
    • DextersLab2013
Kickstarter Hacked?
« on: February 15, 2014, 10:00:57 pm »
Just had this from KS, time to change your password!

Quote


On Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers' data. Upon learning this, we immediately closed the security breach and began strengthening security measures throughout the Kickstarter system.

No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on your account.

While no credit card data was accessed, some information about our customers was. Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.

As a precaution, we strongly recommend that you change the password of your Kickstarter account, and other accounts where you use this password.

To change your password, log in to your account at Kickstarter.com and look for the banner at the top of the page to create a new, secure password. We recommend you do the same on other sites where you use this password. For additional help with password security, we recommend tools like 1Password and LastPass.

We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come. We are working closely with law enforcement, and we are doing everything in our power to prevent this from happening again.

Kickstarter is a vibrant community like no other, and we can’t thank you enough for being a part of it. Please let us know if you have any questions, comments, or concerns. You can reach us at accountsecurity@kickstarter.com.

Thank you,

Yancey Strickler
Kickstarter CEO
"A common mistake people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." - Douglas Adams
https://www.youtube.com/user/DextersLab2013
http://dexterslab2013.blogspot.co.uk/
 

Online Marco

  • Super Contributor
  • ***
  • Posts: 4926
  • Country: nl
Re: Kickstarter Hacked?
« Reply #1 on: February 15, 2014, 10:27:49 pm »
ps oops, nm.
« Last Edit: February 15, 2014, 10:34:58 pm by Marco »
 

Offline zapta

  • Super Contributor
  • ***
  • Posts: 6004
  • Country: us
Re: Kickstarter Hacked?
« Reply #2 on: February 15, 2014, 11:17:10 pm »
This may be the reason for Dave's comment about not being able to change the receiving bank account.
Drain the swamp.
 

Offline Legit-Design

  • Frequent Contributor
  • **
  • Posts: 562
Re: Kickstarter Hacked?
« Reply #3 on: February 16, 2014, 09:40:46 am »
Saddest part is not many companies have the guts to admit something like this. Some companies just stay silent and hope no one notices.
 

Offline SeanB

  • Super Contributor
  • ***
  • Posts: 15434
  • Country: za
Re: Kickstarter Hacked?
« Reply #4 on: February 16, 2014, 09:55:41 am »
Changed my password to another generated one now.

E68sjn02Kp2aQ is no longer in use.
 

Offline owiecc

  • Frequent Contributor
  • **
  • Posts: 293
  • Country: dk
    • Google scholar profile
Re: Kickstarter Hacked?
« Reply #5 on: February 16, 2014, 10:12:18 am »
E68sjn02Kp2aQ is no longer in use.
Seems quite safe. I'll use it. Thanks.
 

Offline SeanB

  • Super Contributor
  • ***
  • Posts: 15434
  • Country: za
Re: Kickstarter Hacked?
« Reply #6 on: February 16, 2014, 10:16:29 am »
ROFL, who knows?

I often use a password from www.grc.com/password as a starter for generating one.
 

Offline codeboy2k

  • Super Contributor
  • ***
  • Posts: 1838
  • Country: ca
Re: Kickstarter Hacked?
« Reply #7 on: February 16, 2014, 11:57:39 am »
E68sjn02Kp2aQ is no longer in use.
Seems quite safe. I'll use it. Thanks.

damn.. owiecc grabbed it before I could.. Sean, have you got another, send it to me :) thanks!
 

Offline SeanB

  • Super Contributor
  • ***
  • Posts: 15434
  • Country: za
Re: Kickstarter Hacked?
« Reply #8 on: February 16, 2014, 12:38:44 pm »
7qVSMUUeH77md
 

Offline dexters_lab

  • Supporter
  • ****
  • Posts: 1853
  • Country: gb
    • DextersLab2013
Re: Kickstarter Hacked?
« Reply #9 on: February 16, 2014, 01:22:36 pm »
lol, i just jab randomly at the keyboard!
"A common mistake people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." - Douglas Adams
https://www.youtube.com/user/DextersLab2013
http://dexterslab2013.blogspot.co.uk/
 

Offline SeanB

  • Super Contributor
  • ***
  • Posts: 15434
  • Country: za
Re: Kickstarter Hacked?
« Reply #10 on: February 16, 2014, 02:16:43 pm »
lol, i just jab randomly at the keyboard!

Hard to do that in the password entry where you have to enter it twice..... A row of *************** will not do!
 

Online PA0PBZ

  • Super Contributor
  • ***
  • Posts: 4466
  • Country: nl
Re: Kickstarter Hacked?
« Reply #11 on: February 16, 2014, 03:08:09 pm »
lol, i just jab randomly at the keyboard!

Hard to do that in the password entry where you have to enter it twice..... A row of *************** will not do!
Of course you do it in Notepad first and the copy-paste twice :P
Keyboard error: Press F1 to continue.
 

Offline codeboy2k

  • Super Contributor
  • ***
  • Posts: 1838
  • Country: ca
Re: Kickstarter Hacked?
« Reply #12 on: February 16, 2014, 03:17:07 pm »
Fricken Notepad... I've done that trick, Windows crashed after I pasted it and before I could save it :)
 

Online madires

  • Super Contributor
  • ***
  • Posts: 5496
  • Country: de
  • A qualified hobbyist ;)
Re: Kickstarter Hacked?
« Reply #13 on: February 16, 2014, 03:35:38 pm »
7qVSMUUeH77md

Too simple :-)

7q!VsM%UU;eH&63mdö
 

Offline mariush

  • Super Contributor
  • ***
  • Posts: 4008
  • Country: ro
  • .
Re: Kickstarter Hacked?
« Reply #14 on: February 16, 2014, 03:38:15 pm »


classic but still valid. 
 

Offline dexters_lab

  • Supporter
  • ****
  • Posts: 1853
  • Country: gb
    • DextersLab2013
Re: Kickstarter Hacked?
« Reply #15 on: February 16, 2014, 05:47:12 pm »
lol, i just jab randomly at the keyboard!

Hard to do that in the password entry where you have to enter it twice..... A row of *************** will not do!
Of course you do it in Notepad first and the copy-paste twice :P

exactly, i use Steganos LockNote to store everything, it's like Notepad but with encryption
"A common mistake people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." - Douglas Adams
https://www.youtube.com/user/DextersLab2013
http://dexterslab2013.blogspot.co.uk/
 

Offline FrankBuss

  • Supporter
  • ****
  • Posts: 2334
  • Country: de
    • Frank Buss
Re: Kickstarter Hacked?
« Reply #16 on: February 16, 2014, 06:28:15 pm »


classic but still valid.
No, see http://www.wired.co.uk/news/archive/2013-05/28/password-cracking Passwords like "momof3g8kids" were cracked. Modern password cracking programs do dictionary attacks with multiple words and arbitrary characters between words. So four common words (maybe a dictionary with 1000 common words) would need 1000^4 = 10^12 tries. Depending on the algorithm, modern graphics cards or special hardware can test 10^9 passwords per second, which means it would be cracked in 17 minutes. A three word password in one second, which allows even testing for the popular number or character between the words.

The only secure password is at least 10 random letters and numbers. Anything random below 8 could be cracked fast, if the system uses standard hashing functions and if the hacker has the password hash.
So Long, and Thanks for All the Fish
Electronics, hiking, retro-computing, electronic music etc.: https://www.youtube.com/c/FrankBussProgrammer
 

Offline CanadianAvenger

  • Regular Contributor
  • *
  • Posts: 179
Re: Kickstarter Hacked?
« Reply #17 on: February 16, 2014, 09:00:37 pm »
Here's another password option. You don't need to remember the password itself, jsut the starting point in the sequence.

http://www.passwordcard.org/en
 

Offline DomesticHacks

  • Regular Contributor
  • *
  • Posts: 53
  • Country: de
    • DomesticHacks
Re: Kickstarter Hacked?
« Reply #18 on: February 17, 2014, 11:13:39 am »
Interesting projects, tipps and tricks (in German).
DomesticHacks on YouTube: https://www.youtube.com/DomesticHacks
 

Offline FrankBuss

  • Supporter
  • ****
  • Posts: 2334
  • Country: de
    • Frank Buss
So Long, and Thanks for All the Fish
Electronics, hiking, retro-computing, electronic music etc.: https://www.youtube.com/c/FrankBussProgrammer
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf