Huffpost Technology

Kickstarter Security Bug Exposes Info From More Than 70,000 Projects

Posted: Updated:

Just a few weeks after its third birthday, Kickstarter, the crowd-funding platform behind such successful projects as inPulse's Pebble iPhone watch, is apologizing for quite a big uh-oh.

A bug launched with an update to Kickstarter's website on April 24 made accessible information from tens of thousands of fund-seeking projects, reports The Wall Street Journal.

A WSJ reporter was apparently able to download "nearly 77,000 of Kickstarter's most recent projects and drafts, dating back to mid-March, before Kickstarter plugged the security hole around 1:40pm Eastern on Friday [May 11]."

Kickstarter cofounder Yancey Strickler admitted to the security snafu in a May 13 blog post, explaining that the bug was rolled out when the site launched its API (the application programming interface through which software shares its data) and was live until its discovery and patch on May 11. In those few weeks, the bug exposed "the project description, goal, duration, rewards, video, image, location, category, and user name for unlaunched projects," wrote Strickler.

"No account or financial data was made accessible," Strickler also said in the blog post.

As Mashable points out, Kickstarter believes that only 48 projects were accessed beyond those that The Wall Street Journal was able to collect; however, Strickler made sure to emphasize the importance of Kickstarter user data to the company, writing,

Obviously our users' data is incredibly important to us. Even though limited information was made accessible through this bug, it is completely unacceptable. We want to underline once again that zero account or financial information was at any time made accessible by this bug.

Around the Web

Kickstarter 'Bug' Exposed Projects - WSJ.com

Kickstarter: The World's 50 Most Innovative Companies in 2012 ...

Kickstarter 'Bug' Exposed Projects : WSJbusiness

Kickstarter 'Bug' Exposed Projects

In its 3rd year, Kickstarter successfully raises over $119 million, taking ...

 
From Our Partners