Tech content trusted by users in North America and around the world
6,724 Reviews & Articles | 46,114 News Posts
TRENDING NOW: Scientists invent neural lace, can connect your brain to a computer

Kickstarter API bug allowed 70,000 unpublished projects to be visible by public

Kickstarter bug allows 70,000 projects to be publicly visible before publishing
| Internet & Websites News | Posted: May 14, 2012 4:29 pm

Programming bugs almost always make their way into production code through some inadvertent way. This time it is Kickstarter who has found a flaw in some of its code. This bug allowed access to 70,000 unpublished projects' project description, goal, duration, rewards, video, image, location, category, and user name.




On the Kickstarter Blog, they have made it abundantly clear that no financial data was ever publicly visible. Of the 70,000 "visible" projects, only 48 were viewed, and that includes views by the Kickstarter team trying to verify and patch the bug. The bug had been introduced into the code with the April 24 homepage redesign.


The bug was introduced when we launched the API in conjunction with our new homepage on April 24, and was live until it was discovered and fixed on Friday, May 11, at 1:42pm. The bug made accessible the project description, goal, duration, rewards, video, image, location, category, and user name for unlaunched projects. No account or financial data was made accessible.


Based on our research, the overwhelming majority of the private API access was by a computer programmer/Wall Street Journal reporter who contacted us. Outside of that person's use, our research shows that a total of 48 unlaunched projects were accessed during the three weeks this bug was live (this number includes a number of views by Kickstarter's developers working on the API itself).


Related Tags

Got an opinion on this news? Post a comment below!
Subscribe to our Newsletter

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases