The popular Home Design Website, Houzz, has experienced a massive data breach last month and has now urged its users/customers to reset their passwords for safety purposes. Here’s what we know about the Houzz Data Breach:
Houzz sent an email to its customers last Thursday, January 31, saying that an “unauthorized third party” gained full access to a file containing customer data. The incident was discovered in late December, and Houzz states that they immediately began investigating the issue with a leading forensics firm. “Out of an abundance of caution, we have notified all Houzz users who may have been affected,” the company says in an update on its website.
Information possibly obtained
Consumer Affairs reports that Houzz, which claims to have “40 million homeowners, home design enthusiasts and home improvement professionals” signed up, didn’t provide an estimate of how many users might have been impacted by the breach.
The home improvement startup said Social Security numbers and other financial information weren’t involved in the incident. However, user ID, one-way encrypted passwords, previous Houzz usernames, IP addresses, and city and postcodes inferred from IP addresses could have been leaked.
“We do not believe that any passwords were compromised because we do not actually store passwords, except in a one-way encrypted form that is salted uniquely per user,” the company wrote.
Houzz recommended that users reset their passwords as a precaution.
“We recommend changing your password on any other sites or accounts where you used the same login information that you used for Houzz. It is generally best practice to use a unique password for each service.”
The company said that its investigation into the matter is ongoing and that it has taken steps to safeguard user data.
What are your thoughts on the Houzz Data Breach? Comment below and let us know if you have any thoughts! Want to keep your thoughts private? Shoot us an email to Outreach@