Last Updated
Case Status
Pending
In the Matter of Residual Pumpkin Entity, LLC, a limited liability company, formerly d/b/a CafePress; and PlanetArt LLC, a limited liability company, d/b/a CafePress
FTC Matter/File Number
1923209
Case Summary
The FTC alleged that CafePress failed to implement reasonable security measures to protect sensitive information stored on its network, including plain text Social Security numbers, inadequately encrypted passwords, and answers to password reset questions. The Commission’s proposed order requires the company to bolster its data security and requires its former owner to pay a half million dollars to compensate small businesses.
The FTC is sending payments totaling more than $370,000 to consumers who were harmed by the data security failures of online merchandise platform CafePress.