24 million Zappos customers victims of cyber attack

Yet another cyber attack has been revealed that affects tens of millions of people. This time the victim was the online retail web site Zappos.com. In a message posted on its blog site late on Sunday, the company said:

We were recently the victim of a cyber attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky. We are cooperating with law enforcement to undergo an exhaustive investigation.

Zappos said that the database had information on over 24 million customers. The information included names, e-mail addresses, billing and shipping addresses, phone numbers, the last four digits of the customer's credit card number, and the customers cryptographically scrambled password. Zappos claims that full credit card numbers and other payment information was not exposed as a result of the database attack.

The company is telling customers to reset their Zappos passwords due to this security breach and adds, "We also recommend that you change your password on any other web site where you use the same or a similar password."

Zappos is also temporarily shutting down its phone support and will be handling customer support via email only. The company says the reason for this move is "because our phone systems simply aren't capable of handling so much volume. (If 5% of our customers call, that would be over 1 million phone calls, most of which would not even make it into our phone system in the first place.)"

Report a problem with article
Previous Story

TechSpot: Intel X79 Motherboard Roundup

Next Story

Internet wins a victory as SOPA is shelved

15 Comments

Commenting is disabled on this article.

The site is usually pretty good - tons of selection and good prices/sales. I've changed my password, and from their site/e-mails it appears that they are doing everything right in order to protect their user base.

Wonder when the exact time is that this happened. I almost bought a pair of shoes last Thursday. Glad I didn't!

chadlachlanross said,
I first read 'Zippo' and was thinking 'How can you cyber-attack a cigarette lighter?'

Maybe one of those cheap USB ones of sorts then bomb it with I/O writes or USB exploits or something lol ?

While I have heard of them I have never used them, but the only reason I heard of them is because at one time Amazon was trying to buy them but I do not know if that deal ever passed.

Zippo7 said,
While I have heard of them I have never used them, but the only reason I heard of them is because at one time Amazon was trying to buy them but I do not know if that deal ever passed.

The deal went through. Though nothing really changed at Zappos.

UndergroundWire said,

Why are you glad? Comment makes no sense.
He's glad that he is not part of the security breach victim. Kapiche?

Krome said,
He's glad that he is not part of the security breach victim. Kapiche?

OH! So any site he hears about he buys from then. You see why it made no sense? Kapiche?

UndergroundWire said,

OH! So any site he hears about he buys from then. You see why it made no sense? Kapiche?

Fail argument is fail

Shaun said,

Fail argument is fail

My argument is that a bunch of these comments are "I never heard of them". So? It doesn't mean it didn't affect millions of people. It also doesn't mean it can't happen to a site you use.

Just a bunch of worthless comments for a bunch of people that don't know anything. That makes it an ultimate fail.