from the hackers-want-crowdfunding-too dept.
According to a recent announcement, the crowdfunding site Kickstarter has been hacked. Kickstarter states that there was no credit card information stolen and that all unauthorized activity has been limited to only two accounts.
While the passwords are all salted and encrypted (either using SHA-1 or bcrypt), a weak password might still be hacked. Users are strongly advised to change their passwords on Kickstarter and any other site where they use the same passwords.
Further information can be found at the Kickstarter blog.
So, as I write this, day one has officially come to an end. I'm still somewhat in shock over it. Last night when I was editing the database to change over hostnames and such, I was thinking, man, it would be great if we got 100 regular users by tomorrow. Turns out I was wrong. By a factor of ten. Holy cow, people. I'm still in a state of disbelief, partially due to the epic turnout, but also because our very modest server hardware hasn't soiled itself from the influx (the numbers are, well, "impressive" is a way to put it). Anyway, I wanted to do a bit of a writeup of where we stand now, what works, and what doesn't. Check it out (and some raw numbers) after the break! Warning, it is a bit lengthy.