Amazon’s Zappos Hacked, Data For Over 24 Million Customers Potentially Exposed

Posted January 15, 2012 by Tim Whitman in Attack Vectors, Data Breach, Database Security, Hacker News, Retail with 0 comments

Zappos.com, best-known for selling shoes and clothing online and its top-notch customer service and corporate culture, appears to be the latest victim of a cyber attack resulting in a data breach.

In an internal email to Zappos employees on Sunday, CEO Tony Hsie asked employees to set aside 20 minutes of their time to read about the breach and what communications would be sent to its over 24 million customers.

While Hsieh, who said the attack occured through one of the company’s servers in Kentucky, said that credit card data was not compromised, he did say that “one or more” of the following pieces of personal information has been accessed by the attacker(s): customer names, e-mail addresses, billing and shipping addresses, phone numbers, the last four digits of credit card numbers. User passwords were “cryptographically scrambled,” Hsieh said, suggesting that they were likely “hashed,” a good security practice but still not a method that makes passwords (especially weak passwords) impervious to hackers.

Click here to read full article >>

Tags: amazon, credit card data, cyber attack, cybercrime, data, data breach, data loss, data security, data theft, database activity monitoring, database security, password security, PII, weak passwords, Zappos, Zappos breached, Zappos hacked

Share|

TeamSHATTER