Poshmark Users, You Need to Reset Your Passwords

Screenshot: Poshmark

Chances are high that if you’ve resold clothes online any time recently (or bought them second-hand), you’ve done so on Poshmark. Unfortunately, it’s also the latest company to suffer a data breach.

Here’s their reset password page—you all know the drill by now.

“We recently discovered that data from some Poshmark users was acquired by an unauthorized third party,” the company wrote in a blog post yesterday. While passwords were stored in a hashed form, making them harder to decrypt, it’s recommended the site’s users reset their passwords regardless as a precaution.

Advertisement

As Motherboard first reported, usernames, legal names, genders, locations, clothing size preferences, and email addresses were among the exfiltrated data. Users who logged in through a social media account may have had their profile information stolen as well. Unlike, say, the disastrous Capital One breach earlier this week, Poshmark users’ financial data is not believed to be compromised

“We’ve conducted an internal investigation, retained a leading security forensics firm, and have implemented enhanced security measures across all systems to help prevent this type of incident from happening in the future,” the company wrote. The company has not made any public conclusions yet as to who is responsible for the breach or how many of Poshmark’s 40 million users were affected.

Share This Story

About the author

Bryan Menegus

Senior reporter. Tech + labor /// bryan.menegus [at] gizmodo.com Keybase: keybase.io/bryangm Securedrop: http://gmg7jl25ony5g7ws.onion/

TwitterPosts
PGP Fingerprint: 1905 9104 D967 2EB7 C3F5 68F9 9108 1434 C917 C1B9