Some designers who registered with Hatchwise.com or eLogoContest.com may be getting a nasty surprise – a breach notification:
On or about August 5th, 2014, an intruder illegally gained access to a Geekface LLC server. The data accessed included personal information such as names, addresses, birth dates, usernames and passwords, and social security numbers. The data accessed did not include any account numbers, credit or debt card numbers or other financial information.
The notification, signed by George Ryan, CEO of Geekface/Hatchwise, does not offer those affected any free credit monitoring services. The letter is totally silent as to whether any of the data were encrypted or hashed, but as another letter suggests, there may have been some encryption for at least some of the passwords. Whether there was any encryption for dates of birth or SSN was not reported.
Not everyone affected by the hack was a designer. Others who registered with Hatchwise.com or eLogoContest.com were informed that their email addresses, usernames and passwords were accessed. In their case, the data did not include any account numbers, credit or debt card numbers or other financial information.
“While the majority of the passwords on the server were encrypted at the time, a number of them were not. We are requesting that all users reset their password on http://www.hatchwise.com. Also, as a precautionary measure, we are advising all users to change their passwords on any other accounts or websites where they may have used the same password,” George Ryan wrote in their notification letter.
Geekface™ did not disclose the total number of individuals affected by the hack.
Hatchwise advertises that it has over 18,000 designers and writers; eLogoContest.com redirects to Hatchwise.com.
There does not seem to be any breach notification on Geekface or Hatchwise’s sites at the time of this posting.