Hackers Hit Forbes, Kickstarter

Customer Data Compromised in Both Incidents
Hackers Hit Forbes, Kickstarter

Forbes magazine and fundraising site Kickstarter are advising their users to reset their passwords after hackers accessed their systems in apparently unrelated incidents.

See Also: Are You APT-Ready? The Role of Breach and Attack Simulation

Forbes reports a data breach exposed the e-mail addresses for all those registered on its Forbes.com. website. The company didn't reveal the number of individuals affected.

The publication is warning users to be wary of e-mails purporting to come from Forbes that could be part of a phishing attack, according to a notice posted on its website. Law enforcement has been notified of the incident.

The Syrian Electronic Army has claimed responsibility for the attack on Forbes, referencing the incident on the group's official Twitter account. The hacktivist group apparently supports Syrian President Bashar al-Assad and targets political and media sites its members feel are biased against the Syrian government.

A spokesperson for Forbes says the publisher is making adjustments to its website to protect online privacy and editorial integrity. "We've been looking into and monitoring the situation closely," the spokesperson says.

Breach Impacts Fundraising Site's Users

Meanwhile, Kickstarter has announced that it was notified by law enforcement last week that hackers gained unauthorized access to customer data. The company didn't reveal how many were affected.

Compromised information includes usernames, e-mail addresses, mailing addresses, phone numbers and encrypted passwords, the company said in a statement. The actual passwords were not revealed, but Kickstarter warns an individual with enough determination could crack an encrypted password.

No credit card data was accessed by hackers, Kickstarter says, and only two user accounts have evidence of unauthorized activity so far.

The company is encouraging users to create a new password for their accounts, as well as for other site accounts that use the same password.

"We're incredibly sorry that this happened," Kickstarter CEO Yancey Strickler says in a statement. "We set a very high bar for how we serve our community, and this incident is frustrating and upsetting."

Kickstarter says it's working closely with law enforcement and is taking steps to improve its security procedures and systems. No one has claimed credit for the attack so far.

The company did not immediately respond to a request for comment.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.