Tuesday, February 18, 2014

Local startups unfazed by Kickstarter hacking

And so the corporate hacking continues. But crowdfunding giant Kickstarter's "security breach" announcement Sunday didn't draw the same degree of ire as Target's data fiasco.
At least not in some Charlotte entrepreneurial circles. The main reason for that is the nature of the crime. In Kickstarter's case, no credit card data was stolen. 
What was accessed: usernames, email addresses, mailing addresses, phone numbers and encrypted passwords, said Kickstarter CEO Yancey Strickler, in a statement
"Actual passwords were not revealed," Strickler said, "however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one. ...There is no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts." (Nevertheless, Kickstarter said they replied to a whopping 5,000 inquiries in 24 hours.) 
Taylor Hayden, a Charlotte business adviser and corporate lawyer with Boost Business and Legal Advisors, used Kickstarter to raise more than $40,000 to fund his WineShark product, a red-wine aerator designed to be used in the glass. 
And though he didn't turn to Kickstarter for his latest entrepreneurial endeavor -- an indoor gun range and retail shop set to open on Wilkinson Boulevard in September -- he's still supportive of the fundraising site and would consider using it again in the future. He's also glad the site doesn't require the same amount of data some companies do. 
"When you sign up for Kickstarter, you don't even have to use your real name," Hayden said. "A lot of my backers are just fake screen names." 
Amazon's secure-payments website handles the usernames real information, including credit card numbers, he said.
 Uptown startup hub founder Dan Roselli said, in an email Monday, that he hadn't heard many grumblings. And that though Kickstarter should take this breach very seriously, he's not going to stop supporting the popular crowdfunding tool. (For more info on new crowdfunding legislation, click here.)  
 "I think people have to come to accept the unfortunate reality that hacking is now part of our daily existence and will continue into the future," Roselli said. 
In fact, Roselli said he even sees "entrepreneurial opportunity" in the mishap: "...Launch a security grading system for companies that is done by independent third parties," he said. "Think bond-rating system. Who has AAA rating and who is at junk bond security levels. There really is no way for consumers to know on their own."
----------
Do you use Kickstarter? Then do this, the company urges: 

  • Change your password: Log in to your Kickstarter account and look for the banner at the top of the page to create a new, secure password. 
  • Use the same one on another site? Change it, too. (And reconsider duplicating passwords on multiple sites anyway.) For additional help with password security, Kickstarter recommend tools like1Password and LastPass.



0 comments: