UPDATED 20:40 EDT / FEBRUARY 03 2019

SECURITY

Data stolen in hack of home improvement site Houzz

Home improvement site Houzz has suffered a data breach, with an unknown amount of user information stolen.

The hack, discovered in late December but only revealed on Friday, involved the theft of profile information, including name, city, state, country and profile description, along with internal identifiers such as the region and location of the user and whether each has a profile image.

Houzz added that usernames and encrypted passwords were stolen as well. The hack did not involve the theft of Social Security numbers or payment card, bank account, or other financial information.

The company provided no details as to how the hack took place, saying on an FAQ page that it “continue(s) to investigate the incident both with our internal team and with a leading forensics firm.” Affected users have been notified by email and asked to reset their passwords as a precaution.

Houzz is a 10-year-old forum and home improvement service that connects people with services in home remodeling, architecture, interior design, decorating, landscaping and home improvement. The company was valued at $4 billion as of its last venture capital fundraising and has raised $613.6 million to date, meaning it can afford to implement decent security.

Tim Erlin, vice president of product management and strategy at Tripwire Inc., told SiliconANGLE that although it might not be clear how this sensitive data was obtained, it’s a good example of the risks of password reuse.

“If you used the same password for your Houzz account that you used for a more sensitive account, then you’ve put that more sensitive account at risk as well,” Erlin explained. “Using unique passwords is a good way to protect yourself from this type of risk.”

Using multi-factor authentication is another way to reduce the risk, he added. “The internet is all about connection, and sometimes those connections work to the advantage of attackers,” he said.

Image: Houzz

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU