This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Vistaprint

Summary

Vistaprint, the global web-to-print company, disclosed in December 2019 that approximately 800 Australian customers were affected by a data breach initially thought to have excluded local customers. The breach exposed customer contact information and order details for people who had used Vistaprint's online printing services for business cards, marketing materials, and other printed products.

What Happened

Hacking. Cybercriminals gained unauthorised access to Vistaprint's customer database, compromising information for customers who had placed orders through the online printing platform. The exposed data included names, email addresses, delivery addresses, phone numbers, and potentially details about printing orders such as business card designs or marketing material specifications. Vistaprint initially believed the breach had not affected Australian customers, but subsequent investigation revealed that approximately 800 local customers were indeed impacted. The breach was first disclosed to international customers before the Australian impact became clear.

Impact on Individuals

  • Contact Details Exposed: Names, addresses, email, and phone numbers compromised
  • Business Information: For business customers, company names and potentially confidential business card or marketing content exposed
  • Delivery Addresses: Home or business addresses linked to customer identities
  • Order History: Details about past printing orders potentially revealing business activities or personal projects
  • Phishing Risk: Verified customer contact information valuable for targeted scam emails

While the breach affected a relatively small number of Australian customers and involved basic contact information, it nonetheless created privacy and potential fraud risks.

Response

Vistaprint notified affected Australian customers once it determined they were impacted by the breach. The company reported the incident to relevant Australian authorities and offered guidance to affected customers about protecting their information. Vistaprint implemented enhanced security measures for its customer database and order management systems following the breach. The company advised customers to monitor their accounts for suspicious activity and to be alert for phishing attempts. The delayed discovery of Australian customer involvement highlighted the challenges global companies face in accurately assessing the geographic scope of data breaches across their international operations. +++

Verification Source: View original statement