Last month, Patreon suffered a security breach involving its user account database. Patreon co-founder Jack Conte quickly downplayed the breaches involved, but now, a number of Patreon users are receiving extortion threats if money isn’t deposited into a specific Bitcoin wallet.
If that doesn’t happen, the hackers are threatening leaks of personal data like credit card numbers and social security details.
Exactly how those emails were obtained is the scary question, especially for users on the receiving end. In a letter to Patreon account holders and donors in October, Conte advised changing passwords, while assuring that private information like credit card numbers were not compromised.
In the wake of the latest threat, Conte issued this email to users:
I learned yesterday evening that some Patreon users have been receiving a scam email. The sender claims to have the recipient’s SSN, credit card number and other personal information. I want to assure everyone that the claims in this email are false, and we are already working with federal law enforcement. Do not reply to the email—it is a scam. The tax forms we store are securely encrypted with RSA 2048-bit encryption, and we do not store full credit card numbers.
If you receive this email I suggest you flag it as spam and ignore any further emails. Do not reply.
Jack Conte, CEO/Co-founder, Patreon
More as this develops.