CafePress was responsible for a 2019 data breach that compromised the personal information of 22 million consumers. | stock photo
CafePress was responsible for a 2019 data breach that compromised the personal information of 22 million consumers. | stock photo
Michigan, along with six other states, has reached a $2 million settlement stemming from a 2019 CafePress data breach that impacted more than 474,900 Michigan residents.
According to Michigan Attorney General Dana Nessel's office, the data breach involved CafePress and exposed the names, emails, passwords, home addresses, phone numbers and some Social Security numbers of about 22 million people. CafePress is online retailer of user-customized, on-demand products, located in Louisville, Kentucky.
The seven states involved in the breach will divide $750,000, of which Michigan will be receiving about $91,000. CafePress has received a suspension for the remaining $2 million due to its current financial issues.
“While there are steps we as consumers can take to protect our own personal information from falling into the wrong hands, companies must also take appropriate measures to safeguard that data to ensure their customers are protected from predatory attempts to capitalize on that information," Nessel said, according to Michigan.gov.
The settlement -- which involves Michigan, New York, Connecticut, Indiana, Kentucky, New Jersey and Oregon -- also includes CafePress' agreement to implement various safeguards and third-party security assessments to its customers whose data has been compromised.
Alerts Sign-up