[Sigh] like I don't already put up with enough bullshit from stalkers and hackers on the daily.
Patreon sent me an e-mail message a week or two ago, letting me know that they had had what they (like everyone else) euphemistically termed a "security breach," meaning they got hacked and a bunch of users' data got stolen. They assured me that everything would be fine.
Obviously not.
Now, here's the deal: I didn't finish entering all the data, because I wasn't convinced their clunky, clumsy interface would work for me or for patrons (guess what? it didn't). So some of the threat is undiluted bullshit. That's not the point.
The other deal? There is no — I repeat, NO — e-mail contact anywhere on the Patreon site for communicating such concerns, much less forwarding the threat so they can turn it over to their legal team or whatever. I finally found, at long last and only via the trial and error process of asking stupid-ass questions in their knowledge base interface, a "disable" e-mail. I don't want my account "disabled"; I want them to torch that motherfucker.
This is absolute shit service. For people handling funds belonging to other people? It's utterly inexcuseable. If you've registered there for any reason, as creator or as patron, I suggest you get your data out NOW.
ll content, including photos and text, are copyright Aji, 2015; all rights reserved. Nothing herein may used or reproduced in any form without the express written permission of the owner.
Does Patreon even ask for all of that data? Why would they even need anything beyond maybe an email address, to credit your paypal account, for instance?
ReplyDeleteI think an awful lot of websites got 'big' fast, and never really had nearly enough security onstaff. One of the reasons I was always actually a bit happy that my old boss never got around to giving me shares in the company was that I was worried about what would have happened if we'd had any similar breach during the time clients were using our software. A couple hundred thousand users were using our site software, using their credit cards to make purchases on our site, and my number one fear was that we would get hacked and their data would get spilled.
Well, in my case, I didn't go forward with the second stage of account set-up. I only ever had one "Patron," who sent through a test donation (everyone else preferred to use PayPal, I guess because it was a known quantity), and she reversed it early on and reverted to PayPal. Their interface is clunky and it's abundantly clear that their security is lacking, so I'm glad that the only data of mine that was "exposed" is stuff that's already out there publicly. But it's still unacceptable, and so is their lack of making clear and direct contact links available.
Delete