What you need to know about Patreon’s data breach

    
38

Patreon, the platform we use for ongoing crowdfunding of Massively OP, recently suffered a data breach. We do not have any reason to believe that usable sensitive data were yoinked at all, let alone from our specific Patrons, but we wanted to keep you apprised. Here is the email we were sent this morning:

Dear Massively Overpowered,

Yesterday we learned that there was unauthorized access to a Patreon database containing user information. Our engineering team has since blocked this access and taken immediate measures to prevent future breaches. We apologize to you for this breach of trust. The Patreon team is working especially hard right now to ensure the safety of the community.

There was unauthorized access to registered names, email addresses, posts, and some shipping addresses. Additionally, some billing addresses that were added prior to 2014 were also accessed. We do not store full credit card numbers on our servers and no credit card numbers were compromised. Although accessed, all social security numbers and tax form information remain safely encrypted, and all passwords securely hashed. No specific action is required of you, but as a precaution we recommend that all users update their passwords on Patreon.

For further details, we encourage you to read this update from our CEO and reach out to us with any additional questions at security@patreon.com.

Sincerely,
The Patreon Team

So it appears that the hackers captured primarily names and email addresses. Passwords and financial data appear to be safe. Massively OP’s Patreon program began in May of 2015, so if you signed up for Patreon just for us, your billing addresses should be fine (if you signed up long before that, though, the hackers might have your billing address as well — thanks Sally for reminding us of this). Following Patreon’s advice to change your password is standard procedure.

We’ll keep you posted as we learn more, but for now, we don’t have any reason to panic. As always, we appreciate our Patrons!

newest oldest most liked
Subscribe to:
Tandor Shadewalker
Guest
Tandor Shadewalker

breetoplay Tandor Shadewalker Thanks for the confirmation, Bree.

Rebel Engie
Guest
Rebel Engie

Alyndale I don’t know.
The last time I’ve heard something like this, it happened to SOE.
Remember SOE?
Yeah, it was a long time ago.

breetoplay
Guest
breetoplay

Jacra They’re talking about from creators, like us. We have to submit those things in order to legally collect your money. You folks won’t have submitted them.

paragonlostinspace
Guest
paragonlostinspace

breetoplay paragonlostinspace Nordavind  LOL! I know right!

Jacra
Guest
Jacra

“Although accessed, all social security numbers and tax form information remain safely encrypted,”
Wut? What social security numbers and tax forms??

breetoplay
Guest
breetoplay

paragonlostinspace Nordavind If someone gets hold of my master password AND my database, call the popo because I’ve been kidnapped and so has my rig!

breetoplay
Guest
breetoplay

SallyBowls1 Oof, good point. Let me update that to be more clear!

breetoplay
Guest
breetoplay

Tandor Shadewalker Yup, nothing to do with Kickstarter or Livefyre. If you’ve never signed up for Patreon or donated money through it specifically, your data are completely and utterly unaffected and held by a totally different company entirely. :)

Lheiah
Guest
Lheiah

Password changed, thanks for the heads up MOP.

Tandor Shadewalker
Guest
Tandor Shadewalker

SirMysk agemyth Well, it certainly prevents you from having to watch all those terrible reality TV shows :)!