Kickstarter Hacked: Here's All You Need To Know
Popular crowdfunding platform Kickstarter was hacked, as was said in its #-Link-Snipped-# on Saturday. The reason behind the attack is unknown. The attackers departed with usernames, encrypted passwords, e-mail addresses, mailing addresses and phone numbers. Upon hearing the security breach, Kickstarter immediately closed it and began upgrading its security measures throughout the system.
The blog further added that the passwords stolen were encrypted but the weak or obvious passwords could be decrypted by a person having enough computing power. Therefore, Kickstarter has advised its users to reset their passwords. It has also assured that no credit card information was stolen. The passwords were encrypted multiple times using the Sha 1 algorithm and the newer accounts were encrypted using Bcrypt. The number of accounts compromised appears to be two in number and Kickstarter said that it had reached out to them and had also secured their accounts.
Image Source: #-Link-Snipped-#
As a safety measure, Kickstarter also reset the Facebook credentials of all accounts meaning that it was not possible to log in Kickstarter using a Facebook account. After logging in, the user could simply restore it by reconnecting the account to Facebook.
Interestingly, cryptanalysts had found attacks on SHA-1 suggesting that the algorithm was no longer suitable to secure data way back in 2005 and NIST required many applications in federal agencies to move to Sha 2 after 2010 because of the weakness. Read more about how the #-Link-Snipped-# and also #-Link-Snipped-#.
Do we all have to live in a constant fear of losing our confidential information unless companies update their security standards? Share your views in the comments below.
(Source: Kickstarter Blog, Wikipedia)
The blog further added that the passwords stolen were encrypted but the weak or obvious passwords could be decrypted by a person having enough computing power. Therefore, Kickstarter has advised its users to reset their passwords. It has also assured that no credit card information was stolen. The passwords were encrypted multiple times using the Sha 1 algorithm and the newer accounts were encrypted using Bcrypt. The number of accounts compromised appears to be two in number and Kickstarter said that it had reached out to them and had also secured their accounts.
Image Source: #-Link-Snipped-#
Interestingly, cryptanalysts had found attacks on SHA-1 suggesting that the algorithm was no longer suitable to secure data way back in 2005 and NIST required many applications in federal agencies to move to Sha 2 after 2010 because of the weakness. Read more about how the #-Link-Snipped-# and also #-Link-Snipped-#.
Do we all have to live in a constant fear of losing our confidential information unless companies update their security standards? Share your views in the comments below.
(Source: Kickstarter Blog, Wikipedia)
Replies
You are reading an archived discussion.
Related Posts
It's very common to see parents scolding their ward for spending too much time playing video games. But as reported by Fox News, playing video games can actually prove to...
Hello @Kaustubh Katdare sir,
Do you have any information, or can you please refer somebody who knows, about Inter stream placements opportunities in CDAC. I saw a list of companies...
Google has acquired SlickLogin, a start-up company from Israel which made its debut just 5 months ago. The acquisition was confirmed after SlickLogin posted about it on its website, where...
Apple has surely taken the tech world by storm and now the company wants to explore its potential in every direction. Back home and overseas, Apple is facing tough competition...
Professor Malcolm MacIver and his team of researchers from Northwestern University have designed and developed a robotic fish named 'Ghostbot' that has made way for underwater vehicles with high agility....