Crowdfunding site for artists and creators, Patreon, fell prey to a data spill on Thursday, with over 15 GB of usernames, email addresses, site source code and shipping details leaked to the public.
The incident occurred when a development version of the site was made live on September 28, allowing access to the company’s debug server and user database.
The website’s founder, Jack Conte, issued a security notice and public apology on Friday confirming the breach and strongly urging users to change their passwords.
The breach constitutes a serious violation of privacy for the site’s many anonymous users, with personal messages and full names now publicly linked to these accounts. Identity theft following this attack is now a major concern.
Luckily, user passwords and financial details are reported to be heavily encrypted.
BreachAlarm has now imported the 2.3 million compromised accounts to our database, and have issued email notifications to affected subscribers.
If you’re not a subscriber, you can also check your email with us to see if you’ve been affected.
As always, all account holders on Patreon are advised to update their passwords as soon as possible.