• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

CafePress finally warns customers that it was hacked

Recommended Posts

+warwagon    13,950

Online merchandise retailer CafePress, used by millions of people to host an online store where they can sell custom-designed t-shirts, mugs, stickers, and more, has finally informed its customers that its systems were hacked and their personal details stolen.


23,205,290 unique email addresses are thought to have been stolen by hackers from CafePress’s systems alongside passwords weakly stored as base64 SHA-1 encoded hashes. Some of the stolen records came complete with names, home addresses, and phone numbers.


According to CafePress, “in a small number of cases” the last four digits of customers’ credit card numbers and credit card expiration dates have also been exposed.


Disturbingly, some users have claimed that their details have been leaked even though they deleted their accounts “a long time ago.”


CafePress’s breach notification, made via email to affected users, comes several months after the breach is believed to have taken place (February 2019), and a full month-and-a-half after CafePress forced users to change their passwords.



  • Like 1

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.