The popular crowdfunding website Kickstarter was hacked last week, the crowdfunding destination says.
Kickstarter sent an email to all users Saturday saying that hackers had made off with user data in the security breach. Two users accounts were compromised, Kickstarter said in an update on its website.
No credit card data was obtained in the attack, which began Wednesday night. The hackers were able to obtain access to usernames, email addresses, mailing addresses, phone numbers and encrypted passwords.
"Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one," the Kickstarter site said in a blog post. "As a precaution, we strongly recommend that you create a new password for your Kickstarter account, and other accounts where you use this password," the blog added.
Users who use Facebook to log into the site must reconnect the next time they access Kickstarter.
The company, which has 5.9 million users that have pledged $980 million on fledgling projects, said that it was informed of the attack by law enforcement and "immediately closed the security breach and began strengthening security measures throughout the Kickstarter system."
As of Saturday, Kickstarter's site said, "There is no evidence of unauthorized activity of any kind on all but two Kickstarter user accounts."
Follow Mike Snider on Twitter: @MikeSnider