Augmented Reality App Maker Houzz Reveals Major Data Breach

In the realm of internet security, it's becoming clear that augmented reality is not immune to the increasing wave data breaches plaguing users.

On Friday, furniture retailer Houzz, an early adopter of ARKit, revealed details of a data breach that occurred in December 2018.

Don't Miss: Art.com & Houzz Apps Take Imaginative Approaches to Hang AR Art Until ARKit Update Arrives

While an investigation into the breach is ongoing, Houzz has learned that profile information, internal identifiers with "no discernible meaning to anyone outside of Houzz," internal account information, and publicly available account information leaked due to the breach.

The compromised information includes the names and locations of users, current and past user IDs, Facebook IDs, IP addresses, and one-way encrypted passwords. However, the extent of the information revealed on each user varies depending on whether the user made their profile information public or logged in through Facebook.

Augmented Reality App Maker Houzz Reveals Major Data Breach — *Image by Houzz/YouTube*

"Houzz recently learned that a file containing some of our user data was obtained by an unauthorized third party," the company said in a statement.

"The security of user data is our priority. We immediately launched an investigation and engaged with a leading forensics firm to assist in our investigation, containment, and remediation efforts. We have also notified law enforcement authorities."

According to the company, sensitive financial information, such as Social Security numbers, credit card numbers, bank account numbers, or other financial data, were not taken during the breach. Nevertheless, Houzz has notified impacted users of the incident, so if you are a Houzz app user, check your email to see if you need to see if you need to change your password.

Although the augmented reality features of the Houzz app — specifically, the ability for customers to view virtual furniture, paintings, and other home decor in their home — aren't responsible for the data breach, the event does serve as a reminder that mobile AR still runs via the same backend infrastructure as other apps, which are all susceptible to hacking in one way or another.