Online fundraising site Kickstarter says hackers got some of its customer data.
Kickstarter co-founder Yancey Strickler said in a blog post that hackers accessed usernames, email addresses, phone numbers and passwords. The passwords are encrypted, but the company said it's possible for a hacker to guess a weak or obvious password. It recommended that users change their passwords.
Hackers did not get credit card information, said New York-based Kickstarter, but two accounts saw unauthorized activity.
Kickstarter is one of dozens of crowdfunding websites that let people raise money from donors for projects. Kickstarter campaigns have included Zach Braff and Spike Lee movies, a local brewery, arts projects and business startups.
The breach was disclosed Saturday on the Kickstarter blog. The company said it learned about the breach from law enforcement on Wednesday and closed it immediately.
"We're incredibly sorry that this happened," Strickler wrote. "We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways."