CafePress, a well-known custom T-Shirt and merchandise site, suffered a data breach that exposed the personal information of 23 million of their customers. Users became aware of the breach today, not through CafePress, but through notifications from Troy Hunt’s Have I Been Pwned service. The database contained a total 23,205,290 CafePress customer records, including email addresses, names, phone numbers, and physical addresses. About half the records also had encrypted passwords attached, with most of them hashed using an older form of encryption known as “base64 SHA1,” according to Forbes, that’s easily broken in 2019.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
