• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

CafePress Fined $500,000 After Massive Data Breach

You are here: Home / General Cyber Security News / CafePress Fined $500,000 After Massive Data Breach
June 27, 2022

A foremost US regulator has fined CafePress fifty percent a million bucks pursuing a 2019 info breach that impacted 23 million clients.

Client rights agency the FTC argued in its finalized order that the on line goods web site failed to put into action sensible security steps to defend the details of consumers and sellers and that it even tried to protect up the breach.

Directed at prior owner Residual Pumpkin Entity and current proprietor PlanetArt, which bought CafePress in 2020, an FTC complaint alleged several essential security failings.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Social Security figures and password reset solutions were saved in basic text, knowledge was retained for a longer period than vital and preventative and suitable detection and reaction systems ended up not deployed, it alleged.

Residual Pumpkin entity must now fork out the $500,000 good to compensate victims of the breach, while PlanetArt has been requested to notify all breach victims and offer information and facts on how shoppers can protect on their own.

The two corporations were being also ordered to carry out “comprehensive information and facts security programs” that will need them to:

  • Roll-out multifactor authentication
  • Minimize the total of data they collect and keep
  • Encrypt Social Security quantities
  • Share a 3rd-party evaluation of their new data security programs with the FTC

The breach itself was first publicized in August 2019, although it took a even more month in advance of CafePress began informing impacted consumers.

According to breach notification internet site HaveIBeenPwned, hackers stole 23 million exceptional email addresses,  names, physical addresses, phone numbers and passwords saved as SHA-1 hashes.

Following the incident, consumers were forced to change their logins but have been advised this was due to a password coverage ‘update’ somewhat than a breach.

The FTC’s order was permitted by a unanimous 5- vote.


Some pieces of this post are sourced from:
www.infosecurity-magazine.com

Previous Post: «Cyber Security News Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
Next Post: WatchGuard Firebox M590 review: Big red network security watchguard firebox m590 review: big red network security»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • CISA Unveils Ransomware Notification Initiative
  • WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
  • GitHub Updates Security Protocol For Operations Over SSH
  • Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
  • Some GitHub users must take action after RSA SSH host key exposed
  • THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
  • Pension Protection Fund confirms employee data exposed in GoAnywhere breach
  • GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
  • Now UK Parliament Bans TikTok from its Network and Devices
  • IRS Phishing Emails Used to Distribute Emotet

Copyright © TheCyberSecurity.News, All Rights Reserved.