Tonight, Kickstarter announced they had a security breach early this week, and they didn’t know until law enforcement officials told them on Wednesday night. Kickstarter CEO Yancey Strickler wrote a letter of apology to users that encouraged people to change their passwords to be safe. The letter was posted on the company blog and emailed to users today.
The company says no credit card numbers were stolen, because “Kickstarter does not store full credit card numbers.”
@kickstarter Perhaps you should have told us that out passwords were stolen when it happened THREE DAYS AGO? How very impressive of you…
— Strange Tea (@Strange_Tea) February 15, 2014
In response to questions on Twitter about why the crowd-source funding site waited three days to notify everyone, the company updated their post to include this answer:
We immediately closed the breach and notified everyone as soon we had thoroughly investigated the situation.
Kickstarter also explained that those users who used Facebook logins were not compromised during the breach.
We’ve posted the email version of Strickler’s letter below: