It has been reported that Home improvement startup Houzz has suffered a data breach. The company said in an FAQ on its website that the breach was discovered in late December 2018, and that “a file containing some of our user data was obtained by an unauthorized third party.”
https://twitter.com/secnews24/status/1092004300509888513
Tim Erlin, VP at Tripwire:
“While it might not be clear how this sensitive data was obtained, this is a good example of the risks of password reuse. If you used the same password for your Houzz account that you used for a more sensitive account, then you’ve put that more sensitive account at risk as well. Using unique passwords is a good way to protect yourself from this type of risk. Using multi-factor authentication is another way to reduce the risk. The Internet is all about connection, and sometimes those connections work to the advantage of attackers.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.