i-dressup.com

i-dressup.com, also known as iDressup, operates as a teen-focused social platform.
The company is headquartered in the United States of America.
The platform allows users to create personal accounts and engage with peers around topics of fashion and virtual dressing up.
Its primary market consists of adolescent users seeking a community centered on style expression.
The service is delivered through a website that enables profile creation, messaging, and sharing of outfit ideas.

In September 2016, the platform experienced a significant data breach.
The breach resulted from an SQL injection vulnerability that allowed an attacker to access the user database.
Initially, the attacker obtained over 2.2 million account details, including usernames and passwords.
The entire database contained approximately 5.5 million records, all of which remained exposed due to unaddressed security flaws.
Among the exposed data were plaintext passwords, meaning the credentials were stored without encryption.

The incident highlighted the platform's lack of basic security controls, such as input validation and password hashing.
Despite receiving multiple private notifications about the active vulnerability, the operators did not implement remedial actions.
The breach was independently verified by checking the stolen credentials against the site's password recovery mechanism, confirming their authenticity.
Because passwords were stored in plaintext, the risk of credential reuse and account takeover was substantially increased for affected users.
The event positioned i-dressup.com as an example of a teen-oriented service that failed to protect sensitive authentication information.