Kickstarter’s Breach and the Dark Side of Crowdsourcing

In February 2014, pioneering crowd funding platform Kickstarter was hacked. Data about millions of account-holders was vulnerable, though no unencrypted passwords were taken. The power of crowdsourcing is also its greatest danger. By creating a virtual space where millions of people interact, share ideas, and often contribute money, crowdsourcing also creates an irresistible target for hackers and other entities with ill intent. This doesn’t mean that crowdsourcing is inherently bad — quite the contrary. It just means that crowdsourcing platforms and those who use them need to be aware of a variety of unique security concerns to keep the system safe for all involved.

 

What is Crowdsourcing?

 

Technically speaking, crowdsourcing is any attempt to reach out to large numbers of people to support a project. This can be in the form of ideas, creative contributions, funding, or a variety of other forms of input. Crowdsourcing doesn’t require the Internet to work, but by far the most successful crowdsourcing systems have been on the Internet.

 

Kickstarter is a pioneer in a particular kind of crowdsourcing called crowd funding, which, as the name suggests, is primarily concerned with generating donations from a large number of participants in support of projects. Another famous case of Internet crowdsourcing was the genome-mapping game, created by McGill University to turn online gamers into a sort of crowdsourced super-computer of scientific research.

 

Security Concerns in Crowdsourcing

 

There are two major points of concern for the security of crowdsourcing platforms: data security and intellectual rights management.

 

Because crowdsourcing necessarily requires input from a large number of users, sometimes anonymously, platforms and even individual projects can gather sensitive personal data about millions of people all over the world. Minimally, this means identity information like a user’s name, address, phone number, and email address, but it can also cover more valuable things like bank accounts and credit card numbers.

As with similar data breaches in major retail chains like Target, a data breach in a crowdsourcing platform can mean passwords and credit card numbers belonging to millions of people falling into the hands of hackers and thieves.

 

On a slightly more esoteric level, crowdsourcing also bumps up against intellectual and creative property concepts like copyright and original ideas. This is one of the reasons major corporations don’t turn to crowdsourcing for their own projects. Competitors would have just as much access as anyone in the crowd, leaving an original idea vulnerable to theft and development elsewhere.

 

Evolving Technology

 

As mobile technology overtakes personal computers, the security needs of crowdsourcing platforms and those who use them continue to change. A lot of home and business Internet networks using PCs are relatively safe with strong passwords, signal encryption, and anti-malware practices, but a lot of these security features and behaviors haven’t caught on as strongly in the mobile market. Furthermore, a growing number of smartphone users are engaging in major transactions, including crowd funding contributions, now that data packages in no contract cell phone plans are robust enough for desktop-equivalent Internet use.

 

Safe Mobile Transactions

 

Mobile users need to start treating their devices like their PCs in terms of security. All modern smartphones and tablets already have encryption systems built in, but they still rely on users creating strong passwords to make them work properly. A strong password is one that’s at least eight characters long, uses a mix of letters, numbers, and symbols, and doesn’t relate to anything an outsider would be able to guess about you from more easily obtained information (birth dates, pet’s name, etc).

 

Mobile users should also only download new apps from trusted sources to avoid installing malware on the device. These behaviors are doubly important when the user engages in any financial transactions via mobile device.

 

There are upsides and downsides to all new technology and the things new tech makes possible. Whether it’s data security in a crowdsourcing platform or personal peace of mind when switching from a PC-dominated lifestyle to a mobile-focused system, it pays to be smart and safe about data management. Problems like the Kickstarter breach will continue to be a fact of life, but everyone can go into their transactions better prepared.

 

Image via Flickr by Jason Hargrove

 

Founder Of LineshJose.Com, coder, thinker, geek, music addict also design and build awesome softwares for living.