i-Dressup

In 2016, i-Dressup.com suffered a data breach compromising approximately 2.1 million users' personal information, including usernames, passwords, email addresses, and dates of birth. The breach exposed the site's inadequate data security measures, such as storing passwords in plain text and failing to implement proper network security protocols. Additionally, the Federal Trade Commission (FTC) found that i-Dressup violated the Children's Online Privacy Protection Act (COPPA) by collecting personal information from children under 13 without obtaining verifiable parental consent.

Data Included in the Breach