kickstarter.com
Feb 12, 2014
A breach of Kickstarter, a US-based crowdfunding platform. The archive contains user account records in email:SHA1_hash:salt format, with some records containing NULL values for password fields. Data fields include email addresses, SHA-1 hashed passwords, and password salts. Kickstarter publicly disclosed the breach in February 2014, stating that usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords were accessed. The archive was distributed via BreachForums.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
kickstarter.txt3 columns5,177,030 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | high | Values contain @ symbol and standard email domain patterns (gmail.com, hotmail.com, yahoo.com, etc.) | |
| 1 | password | high | Values are 40-character hexadecimal strings consistent with SHA-1 hashes, or NULL where password data is absent |
| 2 | skip | high | Values are alphanumeric strings of varying length consistent with password salts used in SHA-1 hashing; non-PII cryptographic data, or NULL where hash is absent |
Notes: Kickstarter 2014 breach. Format is email:SHA1_hash:salt with colon delimiter. Some records contain NULL:NULL for fields 1 and 2 where password data was not available. A small subset of records (e.g. [email protected], [email protected], [email protected]) appear to have longer hex strings in field 2, possibly indicating a different hash scheme or full hash stored as salt. Breach context confirms SHA-1 hashed passwords with salts.