Patreon security team layoffs cause backlash in creator community
Patreon laid off its security team this week, according to several former employees, sparking cybersecurity concerns among users who are increasingly threatening to leave the platform.
The layoffs gained visibility after noted privacy lawyer Whitney Merrill tweeted a LinkedIn post from former Patreon privacy engineer Emily Metcalfe. “Wouldn’t trust my data there,” Merrill said on Twitter.
Patreon, which boasts as many as 8 million monthly users on its platform for fans to support creators and artists, suffered a major breach in 2015. Hackers broke into the company’s user database and released several gigabytes of internal data including usernames, email address and mail addresses. No credit-card numbers or Social Security numbers were accessed in the breach, the company said at the time.
In a statement to CyberScoop Thursday, Patreon said that the layoffs will have no impact on its security program.
“As part of a strategic shift of a portion of our security program, we have parted ways with five employees,” a company spokesperson wrote to CyberScoop in a statement. “The changes made this week will have no impact on our ability to continue providing a secure and safe platform for our creators and patrons.”
Employees have characterized the layoffs differently. “I and the rest of the Patreon Security Team are no longer with the company,” the engineer Metcalf wrote in the LinkedIn post.
Another former security employee, who wished to remain anonymous due to the terms of their severance agreement, disputed the company’s claims. That employee said that the team had already been understaffed prior to layoffs and the company had dramatically cut down on its use of external security vendors in the past four months.
“There are no qualified security personnel,” the employee said. “There is no one there to utilize the tools that we had in place.”
A company spokesperson declined to answer CyberScoop’s questions about how many security employees remained but claimed that a “a majority of our engineers and our vendors working on security remain in place.”
“We also partner with a number of external organizations to continuously develop our security capabilities and conduct regular security assessments to ensure we meet or exceed the highest industry standards,” the spokesperson said.
In reaction to the news, some creators on the platform have threatened to leave and take their subscribers with them.
“You are destroying our livelihoods by failing to provide security,” artist Suzanne Forbes wrote to the company in a tweet. “My Patreon has always been supported primarily by computer security professionals. Guess what they’re doing now? Deleting their accounts.”
CyberScoop has reached out to Forbes for comment.
This is the third layoff at Patreon in three years. Patreon laid off 36 employees last year and 13 percent of its workforce in 2020. It’s not immediately clear how many of those employees were on the security team.