Unfortunately Kickstarter can now add its name to the list of reputable brands who’ve been hacked. Kickstarter announced on it’s blog that they were the victim of a hack last week. The silver-lining for Kickstarter (and its users) is that the scale of the hack pales compared to the likes of what happened to companies like Target.
“No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts.” – Kickstarter blog.
Although not “large”, a hack is a hack. I’m just glad it didn’t end up worse for Kickstarter. Above and beyond the obvious effect that this kind of hack has on user trust and the Kickstarter brand, here are two other things to consider:
- Nothing is sacred. For many, Kickstarter is a means to accomplish a dream – start a new business, fund the development/manufacturing of an invention, cover the cost of recording a music album, and much more. Users who give their personal information are doing so with the intent to fund and support someone’s dream. No one ever wants to know that their personal information is compromised. You especially don’t want to know it was compromised because you gave money to a good cause.
- No matter how small, a hack sends shockwaves through your operations. Kickstarter reported that by Sunday, February 16 (just a few days after the hack), they had responded to more than 5,000 inquiries about the hack. The organization has approximately 40 employees dedicated to working with their community of users. That’s about 125 not-anticipated inquiries handled per employee over the course of a few days. Imagine the strain put on operations and the other day-to-day activities that these employees engage in.
I have no doubt that Kickstarter will rebound from this setback. It seems like everyone I know has heard a Kickstarter success story and I’m sure that we’ll continue to see many more. Any company providing as meaningful a service as they do (and who do it was well as they do) will come out on top in the long run.
Simply another reminder that organizations, no matter what their size and purpose, need to be more conscious about security.