{"id":14485,"date":"2019-02-01T11:10:03","date_gmt":"2019-02-01T19:10:03","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/02\/01\/news-8237\/"},"modified":"2019-02-01T11:10:03","modified_gmt":"2019-02-01T19:10:03","slug":"news-8237","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/02\/01\/news-8237\/","title":{"rendered":"Houzz data breach: Why informing your customers is the right call"},"content":{"rendered":"

Credit to Author: Pieter Arntz| Date: Fri, 01 Feb 2019 18:00:39 +0000<\/strong><\/p>\n

Houzz is an online platform dedicated to home renovation and design. Today (February 1, 2019), they notified their customers about a data breach that reportedly happened in December 2018.<\/p>\n

Data breaches unfortunately have become a common event. In fact, we dubbed 2018 the year of the data breach tsunami<\/a>. Also Houzz is not a giant corporation with millions of customers. So why are we writing about this, you may ask? Mainly because we feel there are some giant corporations out there who can learn from this event as an example on how to handle a data breach properly.<\/p>\n

Turnaround<\/h3>\n

Discovering and informing your customers about a breach that happened less than two months ago is a lot better than what we have seen recently. They did not wait until the investigation on how the breach happened was finished. As soon as they knew what was stolen, they decided to inform those concerned. Of course it is imperative that you get this information into your customers’ hands as soon as possible. Which is probably why the investigation is being conducted by a leading forensics firm. Law enforcement has been notified as well.<\/p>\n

Informing customers<\/h3>\n

Houzz informed their customers directly by email, as well as on their website, about the breach. They said:<\/p>\n

\n

Houzz recently learned that a file containing some of our user data was obtained by an unauthorized third party.<\/p>\n<\/blockquote>\n

The mail starts with this disclosure, goes on to explain what happened, and which information was stolen. It also contains a link to their website, where you can find more information<\/a>.<\/p>\n

\"Houzz<\/a><\/p>\n

The information given is concise and precise\u2014not just some general remark that no financial information was stolen, which thankfully wasn\u2019t indeed. Houzz included a list of information that was stolen.<\/p>\n

\n

The following types of information could have been impacted by this incident:<\/p>\n