Poshmark Takes Data Breach; Mobile Payments Related Data Seems Safe

August 5, 2019         By: Steven Anderson

Another day, another data breach…sometimes it seems like this is just part of some horrible new normal in which all our data is at risk at any time despite our best efforts to keep it protected. There’s only so much we can do, after all, and when businesses—including major online names—are breached, our ability to stop it is virtually nonexistent. Recently, a data breach struck used goods marketplace Poshmark, but the news wasn’t as bad as it might have been.

Poshmark revealed that an “unauthorized third party” had illicitly acquired data on some users, but the data did not include either financial data or physical addresses. What was taken seemed comparatively mild, and included such things as user name, gender, real first and last name, and city of operation. These are points commonly available from your standard phone book, so the loss isn’t exactly great.

Poshmark offered some remarks in the wake of the breach, saying “We take the trust you have placed in us extremely seriously, and since learning of this incident, we’ve expanded our security measures even further. We’ve conducted an internal investigation, retained a leading security forensics firm, and have implemented enhanced security measures across all systems to help prevent this type of incident from happening in the future.”

That’s about all Poshmark really could have done. Frankly, as data breaches go, this may be one of the least disastrous we’ve seen in quite some time. No data of any real value was taken, most of the good stuff was kept safely elsewhere, and Poshmark’s firing up all the expected and necessary responses. It’s never good news to hear your data’s been illicitly accessed, and it tends to hurt the property who’s holding the data as it shows them weak on at least one front, but a quick response can ameliorate this impact by showing that the firm in question is doing what it can to protect users’ data. It won’t prevent all the lost business, but it will likely stem some losses early.

There’s only so much that can be done to protect data, and those companies that show they’re doing the job are much more likely to weather the storm of unexpected data breaches.