When the Patreon database hack was announced, the technology industry was once again reminded why centralized solutions are not the way forward. Not only have customer email addresses been leaked, but also physical addresses and even private conversations on the platform. To make matters even worse, the entire database has now been published on the Internet, available for everyone to see.
Whenever a company’s database is hacked, there is a rightful cause for concern. Especially when that company is a crowdfunding platform like Patreon, serving customers from all over the world. According to various news sources, the entire database is 14GB in size and contains little over 2.3 million unique email addresses and passwords.
While the leak of email addresses is worrying in its own right, the database hack also includes private messages between users on the Patreon platform. Not too many personal details will be pulled from those records, but it’s never a fun feeling to know an entire conversation history is floating around on the Internet somewhere.
Patreon’s database was hacked because a debug version of the platform was not protected by a firewall. Such a major security risk was a sitting duck for hackers and hoodlums. By hacking the debug version of the Patreon platform, the hackers managed to gain access to centralized servers where all information was being stored.
Other details included in the Patreon database hack range from seeing which individual users contribute to what projects, and how many these projects creators have received in total. There is no immediate threat to passwords associated with user accounts, as they are all encrypted with BCrypt. However, that doesn’t mean these passwords can’t be decrypted, though.
For a platform focusing on content creation, Patreon has definitely dropped the ball by not properly protecting the debug version of their website. Centralized database solutions are way too vulnerable to attack, and should be replaced with a decentralized solution sooner rather than later.
Blockchain technology will play an important role in the decentralization of data storage, bookkeeping, and database solutions over the next few years. By removing the central point of failure from the equation, blockchain technology creates far more secure solutions compared to any other form of technology.
What are your thoughts on the Patreon database hack, and were you affected by it? Do you see a decentralized solution to prevent these hacks? Let us know in the comments below!
Source: Ars Technica
Images courtesy of Shutterstock, Patreon
1 Hova Villas Brighton & Hove
BN3 3DH United Kingdom
All rights reserved by Bitcoinist Ltd. | 2016.