Houzz Inc.
On November 29, 2018 an employee in the Organization’s head office in Burnaby, British Columbia received a fraudulent email from an unknown third party. The email appeared to be from the Organization’s Chief Executive Officer and attached a link to a fraudulent website. The email deceived the employee into disclosing the employee’s credentials for their work email account. The unknown third party then used the employee’s credentials to access the employee’s work email account and establish rules based on key words, to automatically forward certain emails to an unauthorized Gmail account. On November 29, 2018, approximately 60 emails from the employee’s work email account were forwarded before the incident was discovered and contained. The incident was discovered on the same day.