Houzz, a popular home improvement website with headquarters in California, suffered a data breach in December 2018. It is unknown how many of the website’s 40 million members are affected, but the compromised information may include first and last names, city, state, country, IP addresses, one-way encrypted passwords and user profile information.
Since the breach did not involve Social Security numbers or payment information, the company considers it “highly unlikely” that affected customers may fall victim to identity theft due to the incident. It is noteworthy that the company took over a month to notify customers, which is in violation of the EU General Data Protection Regulation (GDPR).
Note: after publishing this summary we were informed by Houzz that: