We’ve, um, changed our password policy, says CafePress amid reports of 23m pwned accounts

We’ve, um, changed our password policy, says CafePress amid reports of 23m pwned accounts

Posted August 5, 2019

We’ve, um, changed our password policy, says CafePress amid reports of 23m pwned accounts

Source: The Register
By: Gareth Corfield
Published: August 5, 2019

* Twee T-shirts ‘n’ merch purveyor CafePress had 23 million user records swiped · reportedly back in February · and this morning triggered a mass password reset, calling it a change in internal policy. * Details of the security breach emerged when infosec researcher Troy Hunt’s Have I Been Pwned service · which lists websites known to have been hacked, allowing people to check if their information has been stolen · began firing out emails to affected people in the small hours of this morning. * According to HIBP, a grand total of 23,205,290 CafePress customers’ data was swiped by miscreants, including email addresses, names, phone numbers, and physical addresses.