Custom 3D printing site Shapeways has unfortunately been hacked, with some users having their user names, email addresses and shipping addresses accessed. The company released the following email to users, advising them to change their passwords.
We are currently investigating an incident involving unauthorized access to our systems. The intruders may have accessed some user names, email addresses, and shipping addresses. They did not access any model files. Additionally, the intruders did not access full credit card information because we do not store such information on our systems. We have not observed any actual misuse of your user information.
Although we protect your password with a hash in an effort to prevent malicious attackers from misusing it, to err on the side of caution we suggest that you reset your password at your earliest convenience. You can reset your password by logging into your account, navigating to the account settings page, and following the directions there for changing your password. If you use your Shapeways password for any other site, we recommend resetting the password for those sites as well. We encourage you to use strong passwords and not to reuse your Shapeways password on other sites.
As part of our investigation we are actively coordinating with law enforcement and reviewing and reinforcing our security procedures. If you suspect that someone is attempting to gain access to your account or solicit your personal information, please contact us at [email protected]
We apologize for the disruption and the extra work this requires from you. We take your security extremely seriously and will do our best to assist you through this process at [email protected]
CEO & Founder
This was also the official statement forwarded to us when asked for further comment. With most customers getting an email or a pop-up notifying them of the breach, not much more is being said.
Shapeways is just the latest in a long list of online hacks, and sadly the site won’t be the last. Luckily, Shapeways does not store payment data, so customers’ money is secure, but not all sites follow the same practice. Be wary, people of the internet.