Crowdfunding site hacked data leaked

Crowdfunding site Patreon hacked data leaked

Crowdfunding site hacked data leaked  Image copyright
Patreon

Image caption

Some of the projects currently seeking funding via Patreon

About 15 gigabytes of data including names, addresses and donations have been published online following a hack attack on crowdfunding site Patreon.

Patreon allows people to make regular donations to artists for projects.

Projects currently seeking funding include a science video series featuring former International Space Station commander Chris Hadfield.

Credit card details were not stolen, said chief executive Jack Conte.

"We do not store full credit card numbers on our servers and no credit card numbers were compromised," he wrote on the firm's blog.

"Although accessed, all passwords, social security numbers and tax form information remain safely encrypted with a 2048-bit RSA key."

He said that passwords were not stored unencrypted but urged site users to change their login details as a precaution.

According to Patreon's statistics the site was attracting 16 million viewers per month in June 2015.

The site was breached via a test or "debug" version of the site – useful to developers but in this case also visible to the public, said Mr Conte.

Security expert Troy Hunt said the data published online so far appears to be genuine.

"At the very least, it means mapping individuals with the Patreon campaigns they supported," he told Ars Technica.

Mr Hunt added that he had identified 2.3 million unique email addresses in the stolen data, including his own.

However, he also tweeted that "many tens of thousands" appeared to be auto-generated.

Image copyright
Twitter

Read more