Poshmark, an online marketplace for buying and selling clothes, has reported a data breach.
The company said in a brief blog post that user profile information, including names and usernames, gender and city data was taken by an “unauthorized third party.” Email addresses, size preferences, and scrambled passwords were also taken.
Poshmark said it used the bcrypt hashing algorithm to scramble the passwords — one of the stronger algorithms available.
The company also said “internal” preferences, such as email and push notifications, were taken.
Financial data and physical address information was not compromised, the company said.
The marketplace said it retained outside forensics firm Kroll to investigate the breach. It also said it has rolled out “enhanced security measures” without elaborating. Spokesperson Sera Michael said law enforcement was contacted but not state regulators “because the nature of the information was not financial.”
Poshmark is said to have some 50 million users.
Read more:
- Security lapse exposed weak points on Honda’s internal network
- Another huge database exposed millions of call logs and SMS text messages
- Streaming site Kanopy exposed viewing habits of users, researcher says
- Capital One hacked, over 100 million customers affected
- An exposed password let a hacker access internal Comodo files