Why the Kickstarter & Target Breaches Are Different

As you’ve no doubt heard by now, hackers gained access to some Kickstarter user information earlier this month. The company found out about it Feb. 12 and alerted users via email Feb. 15. The subject line “Important Kickstarter Security Notice” isn’t the kind anyone wants to read, but people are getting used to it.

Another security breach. Perhaps you opened the email with a groan or an eye-roll, wondering how much of your information has been compromised this time.

“This is now the third certainty in life, that you’ll be exposed to a breach,” said Adam Levin, chairman and co-founder of Credit.com and Identity Theft 911. The other two certainties, as the saying goes, are death and taxes. “We’re just going to keep hearing this over and over.”

Kickstarter, which has 5.6 million users and funded $984 million in projects, said no credit card data was hacked, but the following information was: usernames, email addresses, mailing addresses, phone numbers and encrypted passwords.

“Actual passwords were not revealed,” the Kickstarter email notification read, “however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.”

Get everything you need to master your credit today.

Get started for free

What to Do Now

The company urged everyone to change passwords, despite the encryption.

“That also means they should change their passwords everywhere else if their passwords are the same or similar,” Levin said. He added that people need to be aware of scams that may come their way through email, text or phone, given that such contact information was hacked.

Walter Boyd, a senior privacy adviser with IDT911 Consulting, said that while getting money is usually the ultimate goal of hacks like this, the Kickstarter and Target breaches aren’t on the same level.

“Target is more serious because you’re talking about them having financial information on you,” Boyd said. The information accessed through Kickstarter could help thieves get to your financial information, Boyd said, but it’s not as immediately valuable to hackers as credit card numbers.

The Target breach is more of a failure of credit card technology than Internet security, Boyd said.

Still, Kickstarter users need to be vigilant for any scams or unauthorized activity on any online accounts they have. Levin said there’s a lot of value to using complex passwords and different usernames for various online accounts, because it adds obstacles to the hackers’ path. But no one’s safe from security breaches.

“As clever as you may be, these guys seem to be more clever because it’s all they do,” Levin said. “There’s too much money in it.”

If you’re worried about your identity becoming compromised after the numerous recent data breaches, you can monitor your credit for free using the Credit Report Card, a free tool that updates two of your credit scores every month. Any large, unexpected change in your credit scores could signal identity theft and you should pull your credit reports (which you can do for free once a year from each of the major credit reporting agencies).