

In a complaint filed against Residual Pumpkin Entity, LLC, the former owner of CafePress, and PlanetArt, LLC, which bought CafePress in 2020, the FTC alleged that CafePress failed to implement reasonable security measures to protect the sensitive information of buyers and sellers stored on its network.

The Federal Trade Commission today took action against online customized merchandise platform CafePress over allegations that it failed to secure consumers’ sensitive personal data and covered up a major breach. The FTC alleges that CafePress failed to implement reasonable security measures to protect sensitive information stored on its network, including plain text Social Security numbers, inadequately encrypted passwords, and answers to password reset questions. The Commission’s proposed order requires the company to bolster its data security and requires its former owner to pay a half million dollars to compensate small businesses.

“CafePress employed careless security practices and concealed multiple breaches from consumers,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “These orders dial up accountability for lax security practices, requiring redress for small businesses that were harmed, and specific controls, like multi-factor authentication, to better safeguard personal information.”

