What is known about the CafePress breach? Like most people waking up this morning to an email from the haveibeenpwned (HIBP) breach database service, this was the first I had heard of it. An equally good one might be "why have I heard about this breach from HIBP and not CafePress itself?" HIBP confirmed that "Whilst the breach occurred in February, sometimes there can be a lengthy lead time of months or even years before the data is disclosed publicly. "I just don’t even know if it’s even possible to safeguard data online anymore," Ian Thornton-Trump, the head of cybersecurity for Amtrust International, says, "I think we need strong data retention and data expiration so consumers can decide how long their data is held and what data fields are retained." I have contacted CafePress to request a statement regarding this data breach but had not heard back at the time of publication.
Support the originator by clicking the read the rest link below.
