Poshmark announced on Thursday that it experienced a data breach. The company said in a blog post that it does not believe financial, physical address or password information has been compromised, but the second-hand retailer advised users to change their passwords anyway.
A Poshmark spokesperson declined to confirm how many of its 50 million users were impacted by the breach, but said in a statement to Retail Dive, "Enough of our users were affected for us to make the decision, out of an abundance of caution, to notify all of our users about the incident." Users in the United States were affected but not Canadian users, the company said in a blog post.
The company confirmed that information stolen included: Poshmark preferences for email and push notifications; user profile information like username, first and last name, gender and city; and information like size preferences, one-way encrypted passwords and social media profile information.
Not only has Poshmark not revealed how many users have been affected, but it's also not clear when the breach actually took place, though the company's blog post stated it has investigated the matter.
The company said it hired a security forensics firm to investigate its internal software for security issues, but the company did not find "any material vulnerabilities." The company also stated that though it's security measures were already strong, it plans to take additional steps to protect users, but did not specify what that entails.
"We take the trust you have placed in us extremely seriously, and immediately upon learning of this incident, we expanded our security measures even further," the company said.
Data breaches continue to be problematic for retailers. Other companies, such as Forever 21, Neiman Marcus, Nordstrom and Eddie Bauer, have had to contend with data breaches or payout settlements related to security breaches.
According to a Thales Data Threat Report, U.S. retailers lead the world in security breaches, and more than doubled in one year, rising from 19% in 2017 to 50% in 2018.