Houzz: Home improvement and interior decorating startup.
Risk to Small Business: Severe: On Friday, the company issued a notice to customers stating that an “unauthorized third party” had accessed user data including usernames, passwords, and IP addresses. Although financial information was not exposed, Houzz became aware of the breach in in late December of 2018, yet the investigation is still ongoing and it is still not clear how many users were impacted.
Individual Risk: Severe: When combined with the internal data that was compromised, public information such as first and last name, city, state, country, profile description, can be packaged together to sell on the Dark Web and commit cyber fraud. Additionally, users who logged into the app via Facebook would have their IDs exposed as well.
Customers Impacted:To be determined
How it Could Affect You: In the event that an organization has to disclose a breach to its users, it is essential to be clear on “who, what, when, and where”. Even though Houzz discovered the leak in late December of 2018 and was compelled to disclose in a timely manner in accordance with new GDPR laws, they are still unsure on the number of users impacted or the origin of the cyberattack. Aside from dispelling vigilant customers who want to protect their data going forward, the incident may trigger fines to be levied.
In Other News:
The long-term consequences of data breaches on consumer trust
Most news coverage surrounding data breaches will hint at the erosion of customer loyalty, but what does it truly look like? With industries being disrupted at unprecedented rates, companies that are caught in the cross-hairs of highly publicized breaches must face the reality of losing customers to their competitors.
Additionally, an emphasis on post-breach damage control can impede an organization’s marketing and communication efforts to regain trust with their customers. The involvement of legal teams usually results in radio silence that can span months or years, causing brands to gradually diminish from the minds of their audiences.
As cyber-attacks continue to become more commonplace, marketers will begin to assume a role in shaping security efforts. Third-party marketing technologies are rife with vulnerabilities that hackers are waiting to explore, and everyone will be responsible for prioritizing privacy over data management.