Patreon is a popular crowdfunding platform, providing “recurring funding for artists and creators”. I was considering using it myself. I’m glad I didn’t.
Almost two months ago, Patreon suffered a security breach, and several gigabytes of data including a copy of their production database and their source code were leaked on the internet. An article at Ars Technica covers some of the details of the breach.
As I read the press release from Patreon about this incident, my feeling was of utter disbelief, particularly when reading these two points (emphasis mine):
- “The unauthorized access was confirmed to have taken place on September 28th via a debug version of our website that was visible to the public. Once we identified this, we shut down the server and moved all of our non-production servers behind our firewall.
- “There was no unauthorized access of our production servers. The development server included a snapshot of our production database, which included encrypted data.”
I’m not sure whether I need to explain why having your development environment publicly accessible, and why using production data in your development environment, are both very stupid things to do. Either way, now I don’t need to explain that. What happened to Patreon shows exactly why no one in his right state of mind would do this.
Further down, Jack Conte, CEO/Co-founder of Patreon, writes:
“I take our creators’ and patrons’ privacy very seriously.”
Sorry, but given what happened here, I find that very hard to believe. It doesn’t matter what steps are being taken to increase security. It’s already too late. People’s private data are now on the internet, and there’s no going back.
So if you want to spare your company a lot of embarrassment, here’s what you need to take away from this incident:
- Keep your development environment isolated from your production environment.
- Use dummy data, not production data, in your development environment.