Categorized | Business

Online store Zappos.com has customer database breach of over 24M accounts

By Hawaii 24/7 Staff

Tony Hsieh, Zappos CEO

Tony Hsieh, Zappos CEO

Online store Zappos.com has notified over 24 million customers on Sunday (Jan 15) of a database breach and has reset all customer passwords as a precaution. The retailer, well known for selling shoes online, urges customers to login and create a new password.

Zappos CEO Tony Hsieh said, “We were recently the victim of a cyber attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky.” Hsieh said they were working with law enforcement in an investigation. There was no word of how long the database  may have been breached.

Zappos had over $1 billion in sales in 2008 and was acquired by Amazon.com in 2009. Amazon.com has not reported any security issues with their customer database regarding the Zappos breach.

Because of the large customer base Zappos has turned-off their customer phone service and will handle customer service via email only at this time. Below is the message sent out to customers.

Subject: Information on the Zappos.com site – please create a new password

First, the bad news:

We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on Zappos.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password).

THE BETTER NEWS:

The database that stores your critical credit card and other payment data was NOT affected or accessed.

SECURITY PRECAUTIONS:

For your protection and to prevent unauthorized access, we have expired and reset your password so you can create a new password. Please follow the instructions below to create a new password.

We also recommend that you change your password on any other web site where you use the same or a similar password. As always, please remember that Zappos.com will never ask you for personal or account information in an e-mail. Please exercise caution if you receive any emails or phone calls that ask for personal information or direct you to a web site where you are asked to provide personal information.

PLEASE CREATE A NEW PASSWORD:

We have expired and reset your password so you can create a new password.

Please create a new password by visiting Zappos.com and clicking on the “Create a New Password” link in the upper right corner of the web site and follow the steps from there.

We sincerely apologize for any inconvenience this may cause. If you have any additional questions about this process, please email us at passwordchange@zappos.com

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

 

Quantcast