The United States based online home interior design company Havenly has suffered a data breach impacting over 1.3 million users.
According to an HaveIBeenPwned, a website that notifies users if their emails are part of any data breaches, data obtained by hackers includes “email addresses, names, phone numbers, geographic locations and passwords stored as SHA-1 hashes.”
This information was reportedly distributed among hacking communities. However, according to a letter sent to Havenly customers, no financial information was disclosed. Havenly stated that, “Please note: we do NOT store credit card information, apart from the last 4 digits of the card in some cases, which is not enough to engage in credit card fraud.”
The Havenly breach notification letter reassures customers that they “take the security of [their] community very seriously”. Despite not disclosing the specific information dispersed during the breach in the email, Havenly took the liberty to automatically log all existing customers out of their accounts. This will likely act as an impetus for customers to change their passwords. The letter even provides an instant link in the email for changing their password.
Havenly also urges customers to use different passwords across different platforms.
The breach occurred over a month ago, on June 25th. We urge you to check haveibeenpwned to see if your email was part of the breach. Additionally, we advise that you change your password.