On June 14th, CashCrate was notified of a potential breach in security of the CashCrate platform. While we're still investigating, it seems that a security flaw in an add-on in our forum software is the likely cause of this breach. The forum has been disabled until we're sure it's secure. At this time, it appears that names, email addresses, hashed and salted passwords, phone numbers, addresses, as well as basic demographic information may have been made available to hackers in this breach. Personal information our members provided in surveys and offers was not affected.
Our members security and trust is top priority, and over the past few years we've implemented several security features to protect your accounts. If you've logged into CashCrate since October 2013, your password has been hashed/salted and is secure. If you haven't logged in since then, it's possible your password was exposed in plain-text and should be changed immediately. Going forward, all passwords will be hashed and salted, no matter the age of an account.
Additionally, we have not detected any accounts which have had a payment from CashCrate compromised, nor have we received any reports from members about missed payments due to this issue. We are asking all members to immediately change their passwords to a safe and secure new password to ensure the security of their account. We will keep you up-to-date as soon as we know more.