Hackers hit Amazon Company, Zappos
by Adario Strange via stix - PC Mag Monday, Jan 16 2012, 8:17am
international / mass media / other press
With online shopping hitting record levels of adoption this past holiday season, it may seem to many that we're on the brink of a golden age of online commerce. But a hacking incident suffered by Zappos just last night could give some wary shoppers pause before making that next Internet purchase.
The security breach was revealed on Sunday evening by Zappos CEO Tony Hsieh via Twitter and on the company blog.
"We were recently the victim of a cyber attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky," Hsieh wrote. "We are cooperating with law enforcement to undergo an exhaustive investigation."
Hsieh's message went on to stress that the database containing customer credit card and online payment information was not affected or accessed.
However, for those concerned about identity theft, apparently some vital information may have been obtained. Zappos plans to send out an email to its 24 million customers that says, in part: "there may have been illegal and unauthorized access to some of your customer account information on Zappos.com, including one or more of the following: your name, email address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password)."
In response to the security breach, Zappos is automatically expiring all user passwords and advising its customers to create new ones. In the message to customers, Hsieh went on to say, "We've spent over 12 years building our reputation, brand, and trust with our customers. It's painful to see us take so many steps back due to a single incident."
Zappos is owned by Amazon, which purchased the online shoe seller in 2009.
© 2012 Ziff Davis, Inc