KICKSTARTER, the crowdfunding platform used by thousands of small and medium-sized enterprises, admitted yesterday that US law enforcement had informed it of a major data breach last week.
The company said that user’s credit card information had not been accessed, but that some usernames, email addresses and encrypted passwords had been compromised.
“We set a very high bar for how we serve our community, and this incident is frustrating and upsetting,” said Kickstarter chief executive Yancey Strickler in an email to users yesterday, adding that two user’s accounts were confirmed to have been affected.
Kickstarter said it has beefed up security in recent days while working with law enforcement.
“We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come,” added Strickler.
Recent data breaches at Tesco.com and US retailer Target have sparked concern over who should bear the cost of consumer losses and how to improve cybersecurity.
Kickstarter launched in 2009 as a conduit for funding of projects ranging from films and stage shows to video games and restaurant launches. Contributors to a project’s launch are often compensated with rewards, discounts, credits or other offers from the projects they help fund.
Last year over 3m users pledged more than $480m (£287m) to Kickstarter projects, with nearly 20,000 projects reaching their funding goal.
Kickstarter has been used to fund projects such as the Pebble smartwatch, that raised over $10m, and singer Amanda Palmer’s album Theatre Is Evil, which raised $1.2m.
While other players in the crowdfunding market have branched out to include crowdfunding for equity, debt and property,
Kickstarter’s model still revolves around crowdfunding for tangible rewards or special experiences.