Bought a pair of shoes online from fun shoe selling retailer Zappos recently?
If you said yes then it’s likely your information, along with million other shoppers, is in the hands of hackers! That’s correct, Zappos was hacked! Hacked info included the last four digits of credit cards, email addresses, names and passwords.
Zappos made the announcement today. Here’s an email Zappos CEO Tony Hseh sent to employees disclosing the hack:
Dear Zappos Employees -Please set aside 20 minutes to carefully read this entire email.
We were recently the victim of a cyber attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky. We are cooperating with law enforcement to undergo an exhaustive investigation.
Because of the nature of the investigation, the information in this email is being sent a bit more formally, and unfortunately we are not able to provide any more details about specifics of the attack beyond what is in this email and the link at the end of this email, but we can say that THE DATABASE THAT STORES OUR CUSTOMERS’ CRITICAL CREDIT CARD AND OTHER PAYMENT DATA WAS NOT AFFECTED OR ACCESSED. The most important focus for us right now is the safety and security of our customers’ information. Within the next hour, we will begin the process of notifying the 24+ million customer accounts in our database about the incident and help step them through the process of choosing a new password for their accounts. (We’ve already reset and expired their existing passwords.) Here is the email that our customers will be receiving: ————————————————————————- Subject: Information on the Zappos.com site – please create a new password First, the bad news:We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on Zappos.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password).
THE BETTER NEWS: The database that stores your critical credit card and other payment data was NOT affected or accessed.
SECURITY PRECAUTIONS: For your protection and to prevent unauthorized access, we have expired and reset your password so you can create a new password. Please follow the instructions below to create a new password. We also recommend that you change your password on any other web site where you use the same or a similar password. As always, please remember that Zappos.com will never ask you for personal or account information in an e-mail. Please exercise caution if you receive any emails or phone calls that ask for personal information or direct you to a web site where you are asked to provide personal information. PLEASE CREATE A NEW PASSWORD:
Read more of this email here, and if you’re a sneakerhead who is affected, drop us a line!
