Hackers Release Data of 2.3 Million Patreon Users

1002_PatreonHack
Personal information for 2.3 million Patreon users and creators was leaked on Thursday by hackers. REUTERS/Kacper Pempel

The popular crowdfunding website Patreon became the latest casualty in a string of large-scale data breaches, as hackers released 2.3 million users’ personal information on Thursday.

Included in the data dump: 15 gigabytes worth of usernames, email addresses and shipping addresses, among other information. The hackers released the data shortly after Patreon CEO Jack Conte announced Wednesday night that there had been an unauthorized access into the company's database and apologized for the breach.

Conte wrote on Patreon’s company blog that no credit-card numbers, security-card numbers or tax forms were compromised, as they are not stored on Patreon’s servers.

“I take our creators’ and patrons’ privacy very seriously,” Conte wrote. “The team and I are making every effort to prevent something like this from happening in the future.”

Patreon provides a subscription system for users to donate directly to artists, musicians, journalists and vloggers. Since its founding in 2013, the company has seen immense growth. By May, Patreon doled out more than $2 million per month to its creative community, whose most famous members include best-selling author John Green and his brother Hank Greensinger Amanda Palmer and tech journalist Tom Merritt.

Patreon has been protecting its passwords using a hashing scheme called “bcrypt,” which was the same protection AshleyMadison.com was using before its infamous security breach. Although bcrypt remains one of the strongest password protections on the market today, it’s not uncrackable.

In Wednesday’s announcement, Conte advised Patreon users to reset their passwords as the company runs a security audit with a third-party firm to prevent future attacks.

To check if your email address has been compromised via the Patreon hack (or any previous large-scale hacks), go to haveibeenpwned.com, type in your address and cross your fingers.