Poshmark, an online clothing retail website, has announced a security breach that involved ‘an unauthorized party.’ According to the company, the intruder was able to acquire some information on the platform’s users, though that data didn’t include physical addresses or banking details. Though the company doesn’t think passwords were compromised, users are advised to update their passwords as a precautionary measure.
Poshmark revealed the security intrusion on August 1, stating that it conducted an internal investigation about the matter and that it has tapped a ‘leading security forensics firm’ as part of this; as well, the company says it ‘implemented enhanced security measures’ across its systems.
The company doesn’t reveal when the security breach took place. The unauthorized third-party was able to grab data that included some user profile information, including names, cities, gender, and usernames. As well, the intruder acquired some internal account data, including user IDs and email addresses, encrypted passwords, social media profile info, and size preferences.
Finally, the security breach also compromised some internal user preferences related to the platform, such as getting push notifications and email alerts. Poshmark didn’t specify how the intrusion took place but did state that its newly implemented security measures will prevent this type of breach in the future.
Though the company doesn’t ‘believe’ user passwords were compromised as a result of this breach, users are advised to update them regardless. Poshmark users who use the same passwords and emails on other platforms should update those passwords, as well, to help keep those other accounts secure.