TECHNOLOGY VIDEO

Pete Flint, co-founder and chief executive of Trulia, speaks at the Reuters Global Technology Summit in San Francisco, June 17, 2013. REUTERS/Stephen Lam
REUTERS GLOBAL TECHNOLOGY SUMMIT

Housing pop is no bubble: Trulia CEO

At the Reuters Tech Summit, Trulia chief executive Pete Flint says private equity investors are starting to pull back from buying U.S. real estate, while overseas buyers are coming on strong once again.  Video 

 

Pictures

Photo

Reuters Photojournalism

Our day's top images, in-depth photo essays and offbeat slices of life. See the best of Reuters photography.  See more | Photo caption 

Photo

Rage in Brazil

Mass protests erupt in the biggest cities of Brazil.  Slideshow 

Photo

The Afghan Army

The many faces of the Afghan National Army, which has taken over security of the country from NATO.  Slideshow 

Sponsored Links

24 million customer accounts hacked at Zappos

Related Topics

A Kentucky warehouse for Zappos.com is seen in an undated handout photo. REUTERS/Zappos.com/Handout

A Kentucky warehouse for Zappos.com is seen in an undated handout photo.

Credit: Reuters/Zappos.com/Handout

Mon Jan 16, 2012 3:21pm EST

(Reuters) - Online shoe retailer Zappos told customers this weekend that it has been the victim of a cyber attack affecting more than 24 million customer accounts in its database.

The popular retailer, which is owned by Amazon.com, said customers' names, email addresses, billing and shipping addresses, phone numbers and the last four digits of credit cards numbers and scrambled passwords were stolen.

But it said the hackers had not been able to access servers that held customers critical credit card and other payment data.

"We were recently the victim of a cyber attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky," Zappos chief executive Tony Hsieh said in an email to staff which was posted on the company's blog on Sunday.

"We are cooperating with law enforcement to undergo an exhaustive investigation," he added.

Zappos said it was recommending that customers change their passwords including on any other website where they use the same or similar password.

The company, which is well known for its customer service, said due to the high volume of customer calls it is expecting it will temporarily switch off its phones and direct customers to contact via email.

(Reporting By Yinka Adegoke)
Tech
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (3)
mb56 wrote:
It is well past time to REQUIRE that all uniquely identifying information be encrypted when stored on company computers. Encryption is easily and economically available these days – there is no longer any rational excuse to loose plain-text customer information to some hacker. When is Congress going to step up and make this a requirement for any business storing personal information?

Jan 16, 2012 9:04pm EST  --  Report as abuse
Nullcorp wrote:
I just placed my first two orders with Zappos last week. So much for the focus on customer service. Everything about their marketing tries to convince you that they care about you, but apparently that concern does not extend to protecting my personal data.

I agree with the comment from ‘mb56′ who suggests that encryption of customer data should be legally mandated. Instead of SOPA and other legislation introduced to protect corporations, Congress should be passing laws that protect citizens instead. Encryption can often be broken but there’s really no excuse for customer data to be stored in an unencrypted format.

Jan 17, 2012 1:22pm EST  --  Report as abuse
Nullcorp wrote:
I’ll also add that my personal info was stolen during the EMC student loan data breach a few years ago. The stolen information was stored on 600+ CDs (IIRC), not online. But the thieves threw away all the CDs once the realized that the data was encrypted. Ironically that is how they got caught. But it was a big relief to know that the stolen data was encrypted and that the thieves had given up. Encryption should really be standard practice, required by law.

Jan 17, 2012 1:26pm EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.
See All Comments »