The popular home remodelling website Houzz has informed its customers that it suffered a data breach. This breach is thought to have exposed some personal information, but it isn’t certain how many have been affected. Currently, Houzz has 40 million users and discovered the breach in late December.
The website sent an email to all of those users they believe to be affected. In the email, they stated: “Houzz recently learned that a file containing some of our user data was obtained by an unauthorized third party.” They also went on to say: “We immediately launched an investigation and engaged with a leading forensics firm to assist in our investigation, containment and remediation efforts.”
The information contained in the file includes name, city, state, county and description. Houzz also revealed other data including IP addresses, usernames and Facebook ID’s were also included.
The company confirmed that no financial information was obtained, or any social security details.
Houzz has recommended that users change their passwords to protect their accounts. However, they said because of the way they store the passwords, it was unlikely any were compromised.
“We do not believe that any passwords were compromised because we do not actually store passwords except in a one-way encrypted form that is salted uniquely per user.”
Regardless of whether any passwords were accessed, the company has advised users to change them. They also stated that any passwords also used for other accounts that are the same as Houzz should also be changed as a precaution.
The company stated that they have contacted law enforcement.
There is speculation that Houzz is getting ready to float on the stock exchange. This week, they have reportedly laid off 110 people in the UK and Germany. With 1,800, this is roughly 10 per cent of the company’s workforce.
Houzz called the layoffs a restructuring of their international marketplace.