“On Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers’ data. Upon learning this, we immediately closed the security breach and began strengthening security measures throughout the Kickstarter system.
No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on your account.
While no credit card data was accessed, some information about our customers was. Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one.
As a precaution, we strongly recommend that you change the password of your Kickstarter account, and other accounts where you use this password.
To change your password, log in to your account at Kickstarter.com and look for the banner at the top of the page to create a new, secure password. We recommend you do the same on other sites where you use this password. For additional help with password security, we recommend tools like 1Password and LastPass.
We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come. We are working closely with law enforcement, and we are doing everything in our power to prevent this from happening again.
Kickstarter is a vibrant community like no other, and we can’t thank you enough for being a part of it. Please let us know if you have any questions, comments, or concerns. You can reach us at firstname.lastname@example.org.
Summary:Kickstarter was hacked earlier this week, the crowdfunding site informed users on Saturday. While the company says the hackers didn’t gain access to credit card numbers and only two users were affected, it advised all users to change their passwords.
Kickstarter was hacked Wednesday night and the crowdfunding site advised users to change their passwords late Saturday afternoon.
The hack appeared limited to just two users’ accounts, Kickstarter said. While the company says that “No credit card data of any kind was accessed by hackers. There is no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts,” the hackers did gain access to other types of information — including “usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords.”
In a blog post, Kickstarter CEO Yancey Strickler offered a Q&A:
“How were passwords encrypted?
Older passwords were uniquely salted and digested with SHA-1 multiple times. More recent passwords are hashed with bcrypt.
Does Kickstarter store credit card data?
Kickstarter does not store full credit card numbers. For pledges to projects outside of the US, we store the last four digits and expiration dates for credit cards. None of this data was in any way accessed.
If Kickstarter was notified Wednesday night, why were people notified on Saturday?
We immediately closed the breach and notified everyone as soon we had thoroughly investigated the situation.
Will Kickstarter work with the two people whose accounts were compromised?
Yes. We have reached out to them and have secured their accounts.
I use Facebook to log in to Kickstarter. Is my login compromised?
No. As a precaution we reset all Facebook login credentials. Facebook users can simply reconnect when they come to Kickstarter.”
Kickstarter said it’s improved its security measures and will continue to do so in coming weeks.
These days, it really seems we can’t go a week without some big site getting hacked. The latest target? Kickstarter.
Kickstarter announced on its blog (and via an email sent to customers) that hackers had found their way into certain parts of their database.
The good news: No credit card information was accessed — and even if it somehow would’ve been, Kickstarter doesn’t store full credit card numbers.
The not-so-good-news: they’ve detected that the hackers were able to access a database that contained usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. That “encrypted” bit is a bit of a plus — but given that no encryption is uncrackable with the right resources, you should absolutely change your password anyway.
Kickstarter says they were alerted to the breach by law enforcement officials (which law enforcement group, specifically, wasn’t mentioned) on Wednesday night, that they immediately closed the exploit that allowed the breach to occur, and that the last four days have been spent investigating exactly what was accessed.
Update: Kickstarter has updated its blog to answer a few questions that they were seeing a lot of. Here’s what we can glean from it:
Passwords were protected in one of two ways. Old passwords were salted and hashed with the SHA-1 protocol. Newer passwords were hashed with bcrypt
The company says it took 4 days to alert customers because they had to wait until they’d “thoroughly investigated the situation.”
Two accounts showed (unspecified) unauthorized activity; both of those accounts have been re-secured.
If you use Facebook to login to Kickstarter, the company says your FB account hasn’t been compromised. They’ve reset all Facebook tokens, which severs any ties Kickstarter has to your Facebook account until you manually give it permission again.
While freelancing in the crowdfunding space, Edward (@ejunprung) and I noticed a huge size discrepancy between Kickstarter and Indiegogo. We decided to fully size Indiegogo up and compare their numbers with Kickstarter’s publicly available statistics to see just how much bigger Kickstarter is.
6 Eye Opening Insights
Cumulatively, Kickstarter (KS) has over 110,000 campaigns while our scrape found 44,000 campaigns on Indiegogo (IGG). However, through multiple scrapes over a month, we discovered that IGG de-list failed campaigns that raised less than $500.
KS ($612M) has successfully raised over 6 times more dollars than IGG ($99M).
KS has had 40 projects raise $1M+ while IGG only has had 4.
The average success rate on KS is 44%. Based on the total number of campaigns we found in our scrape, we calculate IGG’s success rate to be 34%. However, if we factor in the de-listed failed campaigns, IGG’s success rate drops significantly.
At the time of the scrape, KS and IGG had near the same unsuccessful dollars (KS $83M vs IGG $71M) despite KS raising over 6 times more money
40% of dollars that IGG raised were generated from campaigns that raised more than $100,000
Widely considered the number two crowdfunding site based on volume, it is shocking to see that Indiegogo is so massively behind Kickstarter. It looks to us that Kickstarter has cornered the most lucrative part of the crowdfunding market, leaving competitors like Indiegogo to fight for the scraps in far poorer niches. With its openness, Indiegogo was supposed to take advantage of the lucrative long tail of crowdfunding, but that is turning out to be a worth a lot less than expected as evidenced by the huge long tail of failed projects. For the crowdfunding market, it seems that quality is worth a lot more than quantity.
We tried our best to confirm our numbers, but the only data about Indiegogo we could find regarding the amount of projects or money raised was in a Verge article, which stated that there were 142,301 campaigns with a 9.3% success rate. The Verge’s 9.3% success rate out of 142,301 projects corresponds with the total number of successful campaigns we counted.
We built a bot that scraped IGG’s projects section, which supposedly contains all campaigns ever launched. On August 17th when we ran our bot, Indiegogo had about 4900 pages of campaigns. The bot navigated through each page and grabbed the campaign page URL, amount raised, percentage of goal raised, category and time remaining on the campaign. We then threw the numbers into Excel and replicated Kickstarter’s stats table using IGG’s numbers.
Kickstarter is undoubtedly the top crowdfunding site in the world, with over $480 million pledged in 2013. For projects outside of the five countries (the U.S., UK, Canada, Australia, and New Zealand) the platform is available in, however, launching a campaign is very difficult. That’s where Melbourne-based Pozible comes in. The site recently launched in Singapore and Malaysia, the first step in its Asia-focused international expansion strategy. Over the last three years, more than 5,000 projects have raised a total of $16 million AUD (about $14.3 million USD) on Pozible, which also offers a low-cost e-commerce platform.
But Pozible wants to differentiate with its ‘grassroots engagement’ strategy, as well as being the first global platform to focus on Southeast Asia, co-founder and director Rick Chen told me in an email.
Pozible’s wide-range of funding option, including Bitcoin, is meant to make international contributions easier. It accepts more than 25 currencies.
Chen told me in an email that Pozible, which is open to creators in every country, is “a ‘wide open’ platform, in the sense that as long as the project has a clearly defined creative outcome, we are very happy to accept them.”
The site does have a review process, but it is a quick one, and Chen says the platform is especially popular for film, music and art projects. Pozible takes a 5% cut of the total amount pledged for successful campaigns. It also allows creators to continue using their campaign pages to sell products and takes 5% off a product’s selling price, but does not charge monthly or transactional fees.
The startup is tracking support for projects in more than 105 countries and has “big plans for international growth.”
“As we’ve only opened up access to non-Australian markets recently, our user base is still heavily Australian (more than >60% of traffic), followed closely by U.S., Europe and Asia traffic,” Chen tells me. “We’re working to build up our user base in Asia, and these efforts are already starting to show developments, with an increase in Asian projects and Asian web traffic.”
Pozible offers several funding models, including private crowdfunding, subscription crowdfunding, and self-hosted crowdfunding, which launched earlier this week. Private crowdfunding works is similar to CrowdTilt and is meant for small businesses or groups of friends who don’t want to make their project public. Subscription-based crowdfunding allows people to open monthly subscriptions to their supporters. Pozible’s self-hosted crowdfunding allows project creators who already have large following on their sites to launch their own crowdfunding service.
The platform puts extra effort into building community engagement by holding workshops and programs throughout Australia to familarize people with Pozible. Chen says they plan to duplicate those events in various Asian cities.
Though the site is especially popular among artists and musicians, it has hosted a wide variety of projects ranging from academic research to “Patient 0,” a ‘real-life’ zombie role-player game, which raised $243,480 AUD (about $217,000 USD), the highest amount by a Pozible campaign so far.
“Pozible works very closely with our projects, which is why we have a far higher success rate (56% vs Kickstarter’s 43%),” says Chen. “We constantly host Pozible workshos in the cities we work in; at these workshops, we reach out to specific communities and interest groups and we tailor our approach to make sure they get the education they need in order to optimize their chances of crowdfunding success.”
So, I’m doing a Kickstarter for my debut novel Nefarious Twit …
… and I’m halfway through the campaign and I’ve reached a little more than half the funds I need to achieve my goal and I am quietly dying inside not knowing if I’m going to make it. It’s been absolutely marvelous. So what’s your book about, McMillen? Why thank you for asking, attractive reader.
Madness. Murder. Children’s literature. Nefarious Twit is about all those things.
It’s also about 300 pages long, contains 14 full-page illustrations, and took me about 6 years to finish.
Oh wait, here’s my Kickstarter video for it to explain more:
It is, and I only have until November 9th to raise the cash for it, so feel free to throw money at it and get yourself a copy now, thanks.
You may have noticed by now that this article appears to be a thinly veiled piece of propaganda created by the author to promote the Kickstarter for his debut novel. Well yeah, of course it is.
This book is my baby, what wouldn’t you do for your baby if it needed help?
Didn’t you listen to Benedict Cumberbatch’s Khan speech from Star Trek Into Mediocrity when he was like, “Yeah, to save our families (grown ass babies) we’d all do terrible things.”
Didn’t you see John Q with Denzel? You know, Denzel Washington, the best actor ever? He’s so darn cool, he’s so darn clever.
(The dude from Malcolm X and Mo’ Better Blues, also Remember the Titans. Did you forget abut the Titans?)
In John Q, Denzel takes an entire hospital hostage to get his kid the operation he needs. So yeah, I will straight up John Q 5 minutes of your internet reading time and get my baby Nefarious Twitwhat it needs to survive. But hey, at least this is fun propaganda.
But here’s the other reason why I’m writing this. One lesson I’ve learned again and again while launching this Kickstarter and whenever I set goals for myself in general is this:
Ultimately, you’re on your own. At least at first.
So, if you plan on doing any sort of creative endeavor, listen to what I’m about to spread on your bread.
You’re on your own? But isn’t the whole idea of Kickstarter that you’re reaching out into the cozy, nurturing arms of Mother Internet and asking her to help you nurse your precious, beautiful dreams into fragile existence?
Yeah, but to get the old broad to listen, you’re going to have to do a lot of work in order for your cries not to be drowned out by the countless similar pleas for attention that every other artist without a checkbook is flinging her way. And this is not the internet’s fault.
We are all bombarded every day with so much information online that it’s a wonder we’re not all drooling George Romero extras. Though sometimes….
And just to clarify:
Absolutely, I have been lucky enough to get help for my book even before Kickstarter.
I have had friends read drafts of it, my good buddy Daniel Singleton made the logo for the book (and it turned out exactly how I wanted it, which never happens) another good friend Tom Majkut from the excellent band Look Sharp shot my Kickstarter video for me. I’ve also had other authors, editors, and agents who’ve taken the time to give me their opinions on my writing.
Plus, all the people who have already donated their hard-earned money to the Kickstarter and/or shared the project online, to all of them I sincerely say thank you so much.
Even if this kickstarter doesn’t make it, I thank you for trying on this thing with me, for supporting and believing in me.
But even with all that, nobody is going to believe in your dreams like you are.
How could they? This is your dream, not theirs.
I don’t care if it’s your girlfriend, boyfriend, best friend, husband, wife, life partner, brother, sister, mother, or father. Yes, they’re going to give a shit, but not any more than is reasonable. After all, these people have their own lives, and their own dreams to make real.
Support them and let them support you back.
Just don’t get too disappointed if their zeal for your one-person, alt-history, feminist reimagining of ThunderCats performed entirely in a language you made up does not exactly match your own. It doesn’t mean your idea sucks, it doesn’t mean your supporter sucks. It just means no one is going to love your baby like you are. That’s what makes it your baby.
So you’re on your own there. But you will get some help. Here’s why:
Remember back when I said we’re bombarded everyday online with so much information? I was wrong. The truth is that we actually subject ourselves to our daily deluge of information. Which is a good thing for DIY’s like us who want to get the word out about our projects.
Because it means that people online voluntarily open themselves up to new ideas.
New stuff, new people, new creativity. Sure, some people just want to watch Hulu and play Farmville, but you don’t want to reach those sociopaths anyway.
You want your project to get in the paws of likeminded seekers, that like you, are all about getting in on the ground floor of the cool new things that pop culture is doing.
Some call these folks early adopters, I just know that when it comes to creative pursuits and the kindhearted and forward-thinking people who take a chance on them, that these are the people I want to hang with.
These are the same people who got into punk when the first snarled “1,2,3,4!” erupted from Dee Dee Ramone.
They’re the same people who discovered modern poetry when they listened to Ginsberg’s Howl read aloud by its author for the first time at Six Gallery in San Francisco.
They’re the same people who saw Star Wars when it first opened and told their friends that they had to go see this movie.
Kickstarter isn’t some lemonade stand, it’s Virginia Woolf selling the first copies of Orlando out the back of a truck.
(An old timey truck, sure)
It’s Jack Kirby going door-to-door telling neighbors the good news that Galactus is coming and that Kirby can sell you a front row seat to his arrival.
It’s Kurt Cobain filming a video showing him playing his guitar and singing something about feeling stupid and contagious then telling you that he needs your help so he can record his band’s second record with a good producer like Butch Vig.
I’m not saying that all the various creative industries are dying out or even that they should be. I am saying though that things are changing and Kickstarter is becoming more and more of a viable option to help people reach a wider audience . And that the internet helps those that first help themselves.
Also I’m comparing myself to geniuses.
DONATE TO NEFARIOUS TWIT’S KICKSTARTER BEFORE NOV. 9TH BY CLICKING HERE.
PowerUp’s module has an ultralight weight mini-computer on one side that is about the size of a quarter. Bluetooth low energy connects it to your smartphone, and a lithium battery power pack charges it. A thin carbon-fiber frame connects the computer to a little propeller on the other end.
The basic package comes with one module and one spare propeller and costs $30.
You attach the module to the paper airplane using PowerUps clips. From the iPhone app, you can tell the plane to ascend and descend using the “throttle lever,” tilt the phone right or left for maneuvering, and check indicators for charging status, battery level, thrust level, direction, and range.
Goitein said the plane can get 10 minutes of flight on one charge and has a controllable range of 180 feet.
He first found the inspiration for this project in 2008 when he was teaching aerodynamics to underprivileged kids in the evenings. The product has gone through multiple iterations over the years. The Kickstarter campaign for PowerUp 3.0 launched in November.
PowerUp should ship to all backers in May. It should be available for wider purchase in June. An Android version is in the works.