*Save 15% off on products from CafePress, excluding shipping charges, and applicable sales tax. Coupon code PLUS15OFF must be entered at checkout. Promotion starts on September 11, at 12:00 a.m. (PT) and ends on Sept 17, 2019, at 11:59 p.m. (PT). Offer applies only to orders from the CafePress Marketplace and Create & Buy. Discount does not apply to fulfillment products, Daily Deals Products, or products that begin with 030. Offer valid online at CafePress only, cannot be combined with any other coupons or promotions, and may change, be modified or cancelled at any time without notice. This promotion cannot be applied to past orders.

Data Security Incident


Updated: September 5, 2019

This page has been established to provide information regarding a data security incident that involves our customers’ personal data. This page explains what happened and provides information about what you should do in response to protect yourself. We are taking this matter very seriously and sincerely regret any concern it may cause you.

What Happened

CafePress recently discovered that an unidentified third party obtained customer information, without authorization, that was contained in a CafePress database. Based on our investigations, this may have occurred on or about February 19, 2019.

What Information Was Involved

We believe the unidentified third party obtained personal data pertaining to approximately 1,006,000 customer accounts in the EU, about 880,000 of which are for customers in the United Kingdom. The information included names, email addresses, passwords to customer CafePress accounts, and other information including in a limited number of cases the last 4 digits of credit card numbers. For less than 1% of the affected individuals, the information also included a tax identification number. We are notifying the UK Information Commissioner’s Office, the appropriate EU Data Protection Authorities of the incident, and individuals directly.

What We Are Doing

We have been diligently investigating this incident with the assistance of outside experts. We also have contacted and are cooperating with U.S. federal law enforcement authorities. In addition, we have taken various steps to further enhance the security of our systems and your information as a result of this incident, and the affected database has been moved to a different environment.

What You Can Do

We recommend you remain vigilant and take steps to protect against identity theft or fraud, including monitoring your accounts and free credit reports for signs of suspicious activity.

We also recommend that you visit the CafePress website and log in to any online account you may have, which should prompt you to change your account password, if you have not done so recently. In general, you should always ensure that you are not using the same password across multiple accounts, and that you are using strong passwords that are not easy to guess.

Customers should be mindful of the possibility of fraudulent emails and calls due to this incident. Any email you may receive from CafePress about this issue does not ask you to click on any links or open attachments and does not request your personal data. If you believe you have received a fraudulent email that claims to be from CafePress, avoid replying to the email, do not click on the links embedded in the email or download attachments from such suspicious emails.

More Questions

We are fully committed to protecting your information, and we deeply regret that this incident occurred.

If you have any questions or concerns for CafePress, please contact 0800 953 3053. The Support Line is available 24 hours a day, 7 days a week.

Individuals Outside United Kingdom

More information can be found at the links listed below.

CafePress Australia: cafepress.com.au/p/security2019

CafePress Canada: cafepress.ca/p/security2019

CafePress United States: cafepress.com/p/security2019

Contact details for supervisory authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en.

TOP