Earlier this week we published an overview on the data leak from the Patreon website as the first of a two-part article. Following this last post, we present now a small analysis on such data, in order to see some of the interesting pieces of information that can emerge.
As we have seen in our last blogpost, a lot of the leak's data concerns users' private information. Needless to say that such data cannot and will not be explicitly revealed, as we at BinaryEdge want to protect privacy above all.
Additionally, a lot of the data concerned authentication and website maintenance, which in itself does not contain any valuable information for analysis.
Hence, our exploratory data analysis will be focused on the following main topics:
- Who are the users of the website and how many are they?
- What are the users of Patreon aspiring to?
At this point, and before we show any analysis at all, it's very important to remember the nature of the original hack itself. The hackers who leaked the data originally obtained it due to a database exposure. This means that the data not only could be accessed, but also altered, which in turn might compromise the results presented here. In fact, some fields of the tables clearly show attempts of injection attacks:
That being said, the analysis made was based on the facts gathered from the data that was made public, whether it's content is true or not.
Who are the users of the website and how many are they?
One of the most interesting topics to explore with this kind of website is related to the users. Specifically, it's interesting to begin by knowing where they come from, as a measure to understand how relevant is the website (at this point in time) over the world.
We then begin our analysis by taking a look at the distribution of users worldwide:
As one can imagine, the vast majority of users comes from the USA, with only a small portion coming from other countries such as Brazil, Canada and Australia.
The fact that the users are not well distributed over the world can mean many things. It could mean for instance that the website hasn't really taken off yet. Also, one should keep in mind that the results presented on the map above are just total counts and are not normalised for population, meaning that any interpretation should take that into account.
Following this thought, it would be helpful to check the growth of the website (in users) over time. Below, we exhibit the count of newly joined users over time, per month.
The data regarding the user accounts creation dates only dates back to April 2013 and goes all the way up to August 2015. From this data, we can see that the website has shown a slow but steady increase in users up until August 2015. At this point in time, the number of accounts inexplicably increased exponentially. We could not find any data that explains the reason of this growth.
One other thing that caught our eye about the users, was a textual field called "About" - which is basically how they describe themselves. Below we can see a wordcloud created with these descriptions.
By taking a quick look at the most popular terms in the "About" field, one can figure that the website is mostly popular among artistic types, judging by the frequency of terms such as "art", "artist", "music", "video", etc.
But what are these users really trying to accomplish on the website?
What are the users of Patreon aspiring to?
The users on the Patreon website can publicise their work through "campaigns". These campaigns have various types, relating to the kind of content that the users are trying to create.
The bar chart below shows the top 20 campaign types:
Not surprisingly, the most popular types of campaigns include art, videos, music and games, which are some of the most popular terms on the previous wordcloud.
However, it's important to notice that the campaign types are not normalised, since this data was retrieved from a free text entry field. This is why there are many types showing that can have the same meaning.
When filling out the details of a campaign, users have the opportunity to fill some textual fields describing their work and what are they trying to accomplish. One of these fields is a one-line description. Below there is a wordcloud if these one-liners.
Once again, we can see clearly the popularity of art related words, same as before.
These campaigns usually have monetary goals, with one campaign being able to have many goals. One interesting piece of information that we can retrieve is the distribution of goals per amount, i.e. how many goals are there asking for a certain amount of money.
The histogram shown below, describes this distribution.
Here we have some interesting results. Judging by the histogram, the majority of campaigns ask for a relatively low amount of money with most of them having a goal below 200 dollars.
Taking this into account, how many of these goals are actually reached? And how long does it take for this to happen? The following histogram helps us answer these questions.
The histogram shows that when a goal is reached, most of the time is within the first 5 days after creation. However, the total percentage of reached goals is only 8.8%, showing that the success rate is not so great.
Following the leak of the data from the Patreon website, this two-part article (first part here) focused on an overview of the data leaked and subsequent analysis of its content. A great part of it was private, meaning that could not be used in order not to endanger the users' privacy, leaving only general data about users and their projects as points of interest.
We've begun by taking a look at where these users came from and concluded that the vast majority is American. Furthermore, the user count by month shows that the website exhibited a slow adherence rate for years until August 2015, where it spiked.
These users appear to be mostly artists, judging by the most popular terms used in their personal descriptions. This is backed up by the analysis of popular campaign types and descriptions, which also shows a clear tendency for the arts.
Most of the campaigns ask for relatively small values (goals), however, only a small percentage of these goals are actually achieved, no matter how small they are.
It's important to remember that this analysis is based on the data of the leak alone and, considering the nature of the leak, it's certainly possible that the data could be tampered with.
This is once more a clear example of the lack of security that some services have when put to the test. Companies should move heaven and earth when it comes to protecting the privacy of their clients, however, this usually does not happen, giving origin to data leaks such as this one.