16 Jan 2012

Zappos.com hit by hackers; credit card numbers compromised

Large-scale internet shoe retailer Zappos.com may need to increase the amount of internet security they use after a data breach compromised customers billing addresses and credit card numbers. The websites' discount affiliate 6pm.com reported the breach, but the company said the data breach didnt' affect payment data.

"There may have been illegal and unauthorized access to some of your customer account information ... including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password)," according to a letter from the ecommerce company.

Zappos asked customers to reset their passwords on this websites and other websites where the same or similar passwords are used. The company tried to assure customers that database credit card information was not accessed by the cybercriminals and they merely got the last four digits and billing address.

Tony Hsieh, chief executive of Zappos, said the company was "the victim of a cyber attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky." Better internet security could help them stop the next attack before it happens.