Security News

CafePress fined $500,000 for breach affecting 23 million users
2022-06-24 16:48

The U.S. Federal Trade Commission has ordered Residual Pumpkin Entity, the former owner of the CafePress t-shirt and merchandise site, to pay a $500,000 fine for covering up a data breach impacting more than 23 million customers and failing to protect their data. After its servers were breached multiple times, it tried to cover up the major data breach resulting from its sloppy security practices.

FTC fines CafePress $500K for breach affecting 23 million users
2022-06-24 16:48

The U.S. Federal Trade Commission has ordered Residual Pumpkin Entity, the former owner of the CafePress t-shirt and merchandise site, to pay a $500,000 fine for covering up a data breach impacting more than 23 million customers and failing to protect their data. After its servers were breached multiple times, it tried to cover up the major data breach resulting from its sloppy security practices.

Web vendor CafePress fined $500,000 for giving cybersecurity a low value
2022-03-21 19:55

The breach, says the FTC, saw hackers make off with more than 20,000,000 plaintext email addresses and weakly-hashed passwords; millions of unencrypted names, physical addresses, and security questions-and-answers; more than 180,000 unencrypted SSNs; and, for tens of thousands of payment cards, the last four digits of the card plus the expiry date. Misrepresenting the steps it took to secure consumer accounts following security incidents.

CafePress fined for covering up 2019 customer info leak
2022-03-16 22:23

The FTC wants the former owner of CafePress to cough up $500,000 after the customizable merch bazaar not only tried to cover up a major computer security breach involving millions of netizens, it failed to safeguard customers' personal information. In a complaint [PDF] filed against CafePress former owner Residual Pumpkin Entity and PlanetArt, which bought the platform in 2020, the FTC alleges multiple instances of shoddy security practices at the online biz.

FTC to fine CafePress for cover up of massive data breach
2022-03-15 18:25

The U.S. Federal Trade Commission wants to slap the former owner of the CafePress custom t-shirt and merchandise site with a $500,000 fine for failing to secure its users' data and attempting to cover up a significant data breach impacting millions. As the consumer protection watchdog explained, CafePress' former owner, Residual Pumpkin Entity, stored its customers' Social Security numbers and password reset answers in plain text, and their data longer than necessary.

Hacked Off: Lawsuit Alleges CafePress Used Poor Security
2019-10-11 13:33

23 Million Victims Across US, UK, EU and Australia Receive Breach NotificationsPersonalized product retailer CafePress has been hit with a lawsuit alleging that it failed to notify 23 million...

Several months after the fact, CafePress finally acknowledges huge data theft to its customers
2019-09-23 16:17

Maybe check your credit rating, says red-faced firm T-shirt flogger CafePress has finally informed its customers about a serious data loss dating back to February and first reported last month.…

Add passwords to list of stuff CafePress made hash of storing, says infoseccer. 11m+ who used Facebook 'n' pals to sign in were lucky
2019-08-06 17:09

11m other leaked users' p-words hashed with SHA-1 Passwords were among the 23 million customer records siphoned from CafePress by hackers – and the site was using the less secure SHA-1 hashing...

We've, um, changed our password policy, says CafePress amid reports of 23m pwned accounts
2019-08-05 12:46

Three-quarters of email addys already in breach database Twee T-shirts 'n' merch purveyor CafePress had 23 million user records swiped – reportedly back in February – and seemingly fingered an...