Poshmark, a clothing marketplace with 50 million users, has been breached exposing information like names, usernames, gender, location, email addresses, and scrambled passwords.
Poshmark, an online marketplace for buying and selling clothes, has reported a data breach according to TechCrunch.
The company said in a brief blog post that user profile information, including names and usernames, gender and city data was taken by an “unauthorized third party.” Email addresses, size preferences, and scrambled passwords were also taken.
Poshmark said it used the bcrypt hashing algorithm to scramble the passwords — one of the stronger algorithms available.
The company also said “internal” preferences, such as email and push notifications, were taken.
Financial data and physical address information were not compromised, the company said.
The marketplace said it retained outside forensics firm Kroll to investigate the breach. It also said it has rolled out “enhanced security measures” without elaborating. Spokesperson Sera Michael said law enforcement was contacted but not state regulators “because the nature of the information was not financial.”
Poshmark is said to have some 50 million users.
Whittaker, Zack. (2019, August 1). Clothing marketplace Poshmark confirms data breach. TechCrunch.