Clothing re-seller Poshmark announced in a note to customers it has experienced a data breach that resulted in outsiders making off with some of their personal information.
The company sent an email to customers Friday alerting them to a security incident in which an “unauthorized third party” accessed customers’ usernames, first and last names, gender and city. Hackers also stole email addresses, user ID, size information and, most notably, encrypted passwords. Poshmark advised users to update their password as a precaution.
“The data acquired does not include any financial or physical address information, and we do not believe your password was compromised,” the company said in the email, echoing a data breach notification posted Thursday on its website.
Poshmark did not say how many of its roughly 40 million users are affected.
The company has retained security consultancy Kroll to investigate the breach, according to TechCrunch.
Poshmark, founded in 2011, competes with Etsy in attracting users who use mobile apps to buy and sell used clothing items and home goods.