• Home
  • Contact
  • FAQs
    • What is Webcomics.com?
    • Member Benefits
    • How To Post an Article or News Item
    • How to Post a Webcomic on the List
    • How to Post a Comic
    • Terms of Service
  • Forums
  • WebComics List
  • Benefits
    • Print Vendors: Get multiple quotes
    • Banner stand: Discount
    • Consultation discount
    • “How To Make Webcomics” book: discount
    • “Webcomics Handbook”: discount
    • ALL benefits
  • My Account
    • Welcome
    • What is Webcomics.com?
    • My Subscription
    • Join us!
  • Account
  • Membership List
Twitter Email RSS

Webcomics.com

How To Make WebComics

Webcomics Handbook

‹ NYCC: Possible crackdown on unlicensed prints? Oct 1 Deadlines: Michigan Sales tax and EMV Lia... ›

Patreon Security Breach

Patreon CEO Jack Conte has released a message to Patreon creators about a security beach on Sept. 28 through a debug version of the site that was visible to the public.

  • Users are advised to change their passwords.
  • No credit-card numbers were compromised
  • Hackers were able to access names, e-mail addresses, posts, some shipping addresses and some billing addresses.

Quoting the press release:

Yesterday I learned that there was unauthorized access to a Patreon database containing user information. Our engineering team has since blocked this access and taken immediate measures to prevent future breaches. I am so sorry to our creators and their patrons for this breach of trust. The Patreon team and I are working especially hard right now to ensure the safety of the community.

There was unauthorized access to registered names, email addresses, posts, and some shipping addresses. Additionally, some billing addresses that were added prior to 2014 were also accessed. We do not store full credit card numbers on our servers and no credit card numbers were compromised. Although accessed, all passwords, social security numbers and tax form information remain safely encrypted.  No specific action is required of our users, but as a precaution I recommend that all users update their passwords on Patreon.

Here are some technical details of the incident:

The unauthorized access was confirmed to have taken place on September 28th via a debug version of our website that was visible to the public. Once we identified this, we shut down the server and moved all of our non-production servers behind our firewall.

There was no unauthorized access of our production servers. The development server included a snapshot of our production database, which included encrypted data.

The development server did not have any private keys that would allow login access to any other server. We verified our authorization logs on our production servers to ensure that there was not any unauthorized access.

As a precaution, we have rotated our private keys and API keys that would allow access to third-party services that we use.

We protect our users’ passwords with a hashing scheme called ‘bcrypt’ and randomly salt each individual password. Bcrypt is non-reversible, so passwords cannot be “decrypted.” We do not store plaintext passwords anywhere.

As soon as we discovered this issue, our engineering team immediately prevented further access and is now conducting a rigorous investigation of our security systems. We are also engaging a 3rd party security firm to do a comprehensive internal security audit and will be implementing new tools and practices to ensure industry-leading security for our users and their data.

I take our creators’ and patrons’ privacy very seriously. It is our team’s mission to help creators get paid for the immeasurable value they provide to all of us, and earning your trust to provide that service in a safe and secure way is Patreon’s highest priority. Again, I sincerely apologize for this breach, and the team and I are making every effort to prevent something like this from happening in the future.

Jack Conte, CEO/Co-founder, Patreon

by Brad Guigar on September 30, 2015
Posted In: Marketing / Social Media
Comments available to logged in users only.



Recent comments

  • hpkomic on Managing commissions
  • Brad Guigar on Tweet and sour
  • Kulanah on Tweet and sour
  • Kulanah on Tweet and sour
  • Andrew Fraser on Tweet and sour

Search



Webcomics.com Poll

I design my comic specifically for smartphones and digital tablets.

  • Disagree (52%, 178 Votes)
  • Agree (48%, 165 Votes)

Total Voters: 343

Loading ... Loading ...
  • Polls Archive

Categories

  • Archive Dive
  • Articles
    • Advertising
    • Art
    • Business
    • Community
    • Conventions
    • Creativity
    • Crowdfunding
    • Digital publishing
    • Image prep
    • Lettering
    • Marketing / Social Media
    • Merchandise
    • Print publishing
    • Tech
    • Web site
      • Web Site Design
    • Writing
  • ComicLab
  • Edited and Ready
  • Events
  • Guest
  • Hot Seat critiques
  • Information
  • Interviews
  • Livestream Chat
  • Mail Bag
  • Member Benefits
  • Promos
  • Site News
  • Studios
  • Surviving Creativity
  • To-Do List
  • Uncategorized
  • Video
  • Webcomics Confidential
  • Webcomics Weekly
  • Webcomics.com Poll

Tags

AdSense advertising Comic Easel comments composition contract copyright creativity exercise credit cards Crowdfunding digital lettering digital publishing Facebook Google Analytics holiday Humor IP KDP Kickstarter Kindle legal lettering line weight Longform comics Manga Studio merchandise NCS panels Patreon Promotion PulsePoint readers revenue SEO shipping social media Square taxes trademark Twitter typography Web design word balloons WordPress writing

Special Features

Just now, in the forum…

  • Mixing First and Third Person Captions
  • Help with Toocheke
  • Label Printer for shipping
  • Patreon Merch
  • Pricing Your Comics

Recent Posts

  • ComicLab Ep 267 — How to turn OFF creativity
  • How to find your drawing style
  • Eisner Awards — Call for Entries
  • ComicLab Ep. 266 — Special Guest: Dr. Joe Sutliff Sanders
  • Would you hire a business manager?

Recent Replies

  • Brad Guigar on Mixing First and Third Person Captions
  • Brad Guigar on Help with Toocheke
  • Brad Guigar on Label Printer for shipping
  • Andrew Fraser on Label Printer for shipping
  • Brad Guigar on Label Printer for shipping

Recent Topics

  • Mixing First and Third Person Captions by jpactor
  • Help with Toocheke by Andrew Fraser
  • Label Printer for shipping by Andrew Fraser
  • Patreon Merch by Jaycee Knight
  • Pricing Your Comics by Jaycee Knight

Recent Comments

  • hpkomic on Managing commissions
  • Brad Guigar on Tweet and sour
  • Kulanah on Tweet and sour
  • Kulanah on Tweet and sour
  • Andrew Fraser on Tweet and sour
  • My Subscription
  • Store
  • Terms of Service
  • Account
  • Membership List

©2007-2023 Webcomics.com | Powered by WordPress with ComicPress | Subscribe: RSS | Back to Top ↑