Zappos Data Breach - Customer Safety and Security
Legacy signals
Legacy popularity: 1,972 legacy views
Online shoe and apparel shop Zappos, now owned by Amazon, reported earlier this week that 24 million users names, e-mail addresses, billing and shipping addresses, phone numbers, and the last four digits of credit card numbers may have been illegally accessed. In response to this breach, Zappos has expired and reset all passwords. They have also temporarily foregone using their 800 number phone service in an effort to redeploy customer-service representatives to respond to customer email.
Zappos CEO Tony Hsieh posted an open letter online to Zappos employees about a “cyberattack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky.” In this open letter, Hsieh wrote, “The most important focus for us now right now is the safety and security of our customers’ information.
Now, four days and counting after Zappos revealed user details had been breached in a digital intrusion, the company is still blocking access to Zappos.com from outside the U.S. In one tweet from a Zappos customer service representative, Rick Duggan apologized for the inconvenience, said that service had been restored to the United Kingdom and was “rolling out to other locations.”
Zappos says the attacker likely gained access to customer name, email address, billing and shipping addresses, phone numbers, the last four digits of the customer card numbers and the customer’s “cryptographically scrambled password.” But other payment data, such as full credit-card and payment information, is not believed to have been accessed by the attacker.
If you are a Zappos or Amazon customer we recommend that you take these steps right away;
Change your password immediately. If you use this password for other online accounts, change it there as well.
NEVER respond directly to information requests in emails.
Retailers and banks should never ask you to provide sensitive information like your credit card or Social Security number in an email. Even if the email looks official or directs you to a website that appears to be an official company website, do not provide personal information, or login. Instead, contact the company at a well-known, published web address or phone number.
Check your account statements regularly. Most financial institutions allow you to review your account online. Do a quick check of your credit, savings, and checking accounts. If you see suspicious activity, contact your bank or creditor immediately.
Article author
About the Author
Dovell Bonnett has been creating security solutions for computer users for over 20 years. In order to provide these solutions to consumers as directly, and quickly, as possible, he founded Access Smart. With each of his innovations, the end user — the person sitting in front of a computer — is his No. 1 customer.
This passion, as he puts it, to “empower people to manage digital information in the digital age” also led him to write the popular Online Identity Theft Protection for Dummies. Within the pervasive nature of our e-commerce and e-business community, personal information, from credit card numbers to your pet’s name, is more easily accessed, and identity theft and fraud has become an issue that touches every consumer.
Mr. Bonnett’s solutions reduce security risks for individual users, small businesses and large corporations. His professional experience spans 21 years in engineering, product development, sales and marketing, with more than 15 years focused specifically on smartcard technology, systems and applications. Mr. Bonnett has spent most of his smartcard career translating and integrating technology components into end-user solutions designed to solve business security needs and incorporating multi-applications onto a single credential using both contactless and contact smartcards. He has held positions at National Semiconductor, Siemens (Infineon), Certicom, Motorola and HID. He is the author of smartcard articles, regularly presents at conferences, and helps companies successfully implement smartcard projects. Mr. Bonnett has been an active member of the Smart Card Alliance contributing to the development of physical access security white papers. He holds dual bachelor’s degrees in industrial and electrical engineering from San Jose State University.
Further reading
Further Reading
Article
Students Beware! Identity thieves are studying you!
It is probably no surprise to most adults that identity theft is one of the fastest growing types of fraud. But what may be more alarming is that people in the 18 to 29 age range are the fastest growing group of victims. One need not look too far to figure out why. Today’s young people ...
Related piece
Article
Things to consider when trying to get out of debt!
On a daily basis, consumers are barraged by offerings from companies claiming they can turn their dismal credit histories around and help them achieve higher credit scores. For a fee, they promise to clean up a consumer’s credit report so they can obtain a car loan, a home mortgage or ...
Related piece
Article
Passwords Don't Have to Threaten Business Security
The emergence of the World Wide Web as a global, around the clock marketplace has opened a multitude of new opportunities to businesses which have never before been seen. Computers and global communication networks have brought vendors, customers and markets together in new and beneficial ways. Along with all of the benefits which business has gained from the information age come some downsides. New crimes have not been created by new technology, but rather new technology has given new tools to criminals to commit the same crimes as they always have.
Related piece
Article
5 Mistakes to Avoid when Dealing with a Debt Collector
Dealing with a collection agency can be a stressful experience. Not only are some debt collectors rude, but endless demanding telephone calls and letters can shake even the toughest individual. The stress and confusion that debt collectors can cause often results in consumers making mistakes that can result in future financial or legal difficulties. Here are 5 mistakes to avoid when dealing with a debt collector; 1. Conducting Business over the Telephoner
Related piece