Tuesday, January 17, 2012

Was Zappos Hacked?

Was Zappos Hacked? - Online shoe store Zappos has been hacked, exposing the names, e-mail addresses, addresses, phone numbers and partial credit card numbers of its 24 million customers, the company said late Sunday night. Citing an "illegal and unauthorized access" to customer account information, the company reset its customers' passwords. Zappos then urged customers to change their login credentials on any other sites, for which they use the same password and username. Zappos said customers' passwords were exposed in the hack, but the online retailer insisted that they were encoded and that attackers had no access to customers' actual passwords. Resetting its users' passwords was just an added precaution, since its highly unlikely the hackers will be able -- or would take the time -- to unlock the encryption. Customers of Zappos' discount shoe store 6pm.com were also affected, and their passwords were reset as well. The "better news" was the cybercriminals that stole the information had no access to full credit card numbers or other payment data, since the database containing that information was not hacked. All that was revealed were the last four digits of customers' credit card numbers -- just like the information that appears on a printed receipt at a physical store. The last four digits of a credit card number serve as a way to identify a customer, but they are even more worthless than the last four digits of a Social Security number -- in terms of actually matching a real credit card number to a person. Was Zappos Hacked?

No comments: