Cybersecurity News

Houzz Data Breach – What Really Happened?

The Houzz data breach happened in December 2018. The home improvement start-up firm claims it has over 40 million users. Let’s find more about the Houzz data breach in this article. 

Another day, another breach. This may sound old but yes, another data breach occurred. Cyberattacks get even more common each day. It is so common that “if” is no longer the question to ask. It’s a matter of “when”. Every sector experiences it – from government agencies to small businesses with unsecured databases.

In December 2018, another popular company got victimized again – Houzz. The mentioned company serves in the home improvement industry. 

What is Houzz?

This company is a website and an online community. It offers home improvement services to homeowners. Moreover, they cater services to home design aficionados and professionals. One of its tools is the marketplace. The marketplace enables home improvement companies to advertise and sell their products. The company claims it has over 40 million users.

Houzz Data Breach

The company admitted they suffered a data breach. Their announcement stated that unauthorized third-parties accessed files. Those files contain public visible user data. Yet, it is still unclear if hackers accessed the files through a hacked system. Houzz still didn’t say either if a rogue employee started the breach or a database was left unsecured.

Furthermore, the information involved in the breach includes:

  • IP address
  • User logs in Facebook
  • Email addresses
  • User IDs
  • Public information from a Houzz profile (for instance, name and address)
  • City and ZIP code derived from the IP address

Moreover, the company didn’t reveal whether hackers distributed the data or sold on any hacking forums. Fortunately, no payment information or SSNs were involved in the attack. Moreover, the company said that the actual user passwords were not compromised. Instead, hackers had access to scrambled passwords.

Response On Houzz Data Breach

While hackers didn’t have access to actual passwords, the company recommended its users to change their passwords. The company enables users to do this by visiting the “Change Password” page of their website or going to their account settings.

Furthermore, the company sent email notifications to its users about the breach. The home improvement firm promised its users to improve data security. Moreover, they wrote that they started an internal investigation and engaged with law enforcement. Additionally, they retained a leading security forensics firm regarding the matter. 

Yet, it’s not clear if the company will face penalties.

Users affected by the Houzz data breach should immediately change their passwords. Moreover, consider using a password manager in the future.

Precautionary Steps

As we have mentioned earlier, the company experiencing a data breach is inevitable. Here are some suggestions:

  • Beware of phishing scams – this is one of the most common methods hackers use. Hackers use this method hoping to get victims to click on malicious links. 
  • Install strong security software – it is important to protect your gadgets with strong security software. Keep your antivirus updated. This serves as the best defense.
  • Never reuse the same password for multiple online services.
  • Enable two-factor authentication.
  • Frequently check your bank accounts for suspicious activity. 
  • Close accounts that you rarely use.

Cybersecurity Incident Response: Six Key Steps

Organizations face an information security risk. So, we need a cybersecurity incident response plan.

But what is it? Also, how can it help you?

Read on to learn more.

Cybersecurity Incident Response Definition

A cybersecurity incident response manages a cyberattack. Without this, it can bring great damage to an organization.

It can also affect customers. Worse, it ruins the reputation of a business.

Moreover, an incident response plan decreases the damage of the attack. So, businesses can quickly recover and operate again.

Additionally, it involves an investigation of the incident. So, organizations can learn from it. 

Thus, they can prepare for possible incidents in the future. They can also protect their information.

Importance of a Cybersecurity Incident Response

Cyber incidents are getting bigger and more frequent. So, an incident response plan is critical to defending an organization.

In addition, poor management of attacks will drive your clients away. It can even cost you money.

So, failure to make a response plan will cause you greater damage.

For example, Target failed to secure its securities. So, it made their 2013 attack worse from the past hacks.

Also, Equifax avoided notifying their clients. So, the 2017 hack hurt its brand significantly.

Thus, a cybersecurity incident response is necessary. No matter what industry your organization belongs to.

Cybersecurity Incident Response Team

Every company should have a CIRT team. CIRT stands for Computer Incident Response Team.

This team leads the application of a company’s incident response. It composes of experts from:

  • executive management
  • information technology
  • information security
  • IT auditors
  • physical security staff
  • forensic experts
  • HR team
  • Legal department
  • communications

Six Steps of a Cybersecurity Incident Response Plan

Here are the six steps to a response plan.


We should not wait for incidents to happen before we make a plan. Remember, security incidents are not inevitable. They can happen anytime.

So, it is vital to do the following prior to a cybersecurity incident:

  • Build a team of experts.
  • Develop security policies.
  • Train employees about the best practices.


Quick identification of a breach allows for an effective response. The key to this is the following methods:

  • threat intel systems
  • intrusion detection
  • firewalls

In addition, threat intelligence helps protect information. Its experts will study the current trends in cybersecurity.

So, you can keep updated on the threats.


If an incident already took place, it is critical to contain the damage immediately. So, you can prevent the hack to penetrate your systems.

How can you do this?

It is important to take networks offline. Also, regular backups from these systems will secure your data.

Thus, you can maintain operations while troubleshooting. 


After containing the threat, it is also important to remove it as early as possible. It includes quarantining the threat and systems.

Also, it requires additional monitoring. So, you can make sure that these attacks will not resurface.


To return to the working condition, the response team should restore operations. They can do this by ensuring that the systems are no longer affected.


Most companies overlook this final stage. But, it is critical to avoid the same thing from happening again.

Also, the team will study how they can improve future response efforts. Thus, you can strengthen your security.