Poshmark, an online marketplace for buying and selling clothes, has reported a data breach.
The company said in a brief blog post that user profile information, including names and usernames, gender and city data was taken by an “unauthorized third party.” Email addresses, size preferences, and scrambled passwords were also taken.
Poshmark said it used the bcrypt hashing algorithm to scramble the passwords — one of the stronger algorithms available.
The company also said “internal” preferences, such as email and push notifications, were taken.
Financial data and physical address information was not compromised, the company said.
The marketplace said it retained outside forensics firm Kroll to investigate the breach. It also said it has rolled out “enhanced security measures” without elaborating. Spokesperson Sera Michael said law enforcement was contacted but not state regulators “because the nature of the information was not financial.”
Poshmark is said to have some 50 million users.