+Warwagon MVC Posted September 25, 2019 MVC Share Posted September 25, 2019 Online merchandise retailer CafePress, used by millions of people to host an online store where they can sell custom-designed t-shirts, mugs, stickers, and more, has finally informed its customers that its systems were hacked and their personal details stolen. 23,205,290 unique email addresses are thought to have been stolen by hackers from CafePress’s systems alongside passwords weakly stored as base64 SHA-1 encoded hashes. Some of the stolen records came complete with names, home addresses, and phone numbers. According to CafePress, “in a small number of cases” the last four digits of customers’ credit card numbers and credit card expiration dates have also been exposed. Disturbingly, some users have claimed that their details have been leaked even though they deleted their accounts “a long time ago.” CafePress’s breach notification, made via email to affected users, comes several months after the breach is believed to have taken place (February 2019), and a full month-and-a-half after CafePress forced users to change their passwords. https://www.grahamcluley.com/cafepress-finally-warns-customers-that-it-was-hacked/ goretsky 1 Share Link to comment Share on other sites More sharing options...
Recommended Posts