SAN FRANCISCO, Calif.—CafePress, a custom T-shirt and merchandise company acquired by Snapfish for more than $25 million in November 2018, has been hacked. According to several reports, the breach happened on Feb. 20 and compromised 23 million customer accounts.
According to Forbes, the breach compromised 23,205,290 accounts. The exposed data includes 23 million unique email addresses. Other compromised information includes names, physical addresses, phone numbers, and passwords.
According to the Mozilla Firefox Monitor service, "It can sometimes take months or years for credentials exposed in a data breach to appear on the dark web. Breaches get added to our database as soon as they have been discovered and verified."
There is not a public disclosure from CafePress, but a spokesperson for the company says, "CafePress Inc. learned of a potential security issue related to customer accounts. We have engaged third-party experts and are investigating the issue. Our commitment to maintaining the confidentiality of our customers' information is paramount to the employees and leadership of CafePress."
For more information on CafePress, visit www.cafepress.com.