August 1, 2019
We recently discovered that data from some Poshmark users was acquired by an unauthorized third party.
The data acquired does not include any financial or physical address information, and we do not believe your password was compromised. Regardless, we recommend that you change your password as a precaution and security best practice.
The type of data involved includes:
- Certain user profile information specified for public use such as username, first and last name, gender, and city
- Certain internal account information such as email address, user ID, size preferences, and one-way encrypted passwords salted uniquely per user (making it nearly impossible to use these passwords to access an account), as well as social media profile information collected when users connect social media accounts to Poshmark
- Certain internal Poshmark preferences for email and push notifications
We take the trust you have placed in us extremely seriously, and since learning of this incident, we’ve expanded our security measures even further. We’ve conducted an internal investigation, retained a leading security forensics firm, and have implemented enhanced security measures across all systems to help prevent this type of incident from happening in the future.
Poshmark is a platform built on love and transparency, and we’re committed to serving you, and our entire community, every step of the way. You are the core of our business, and without you, we wouldn’t be the community we are today. We sincerely regret any concern this may cause you, and we’re here to answer any questions you may have.
For more info, please see our FAQ or contact email@example.com.