The hacking carousel keeps spinning, and this time it’s Zappos’ turn to take a ride – to the misfortune of its customers. A Zappos server located in Kentucky was hacked, the company stated on a notice to its customers posted on the Zappos website. An e-mail to all customers was sent out Sunday morning warning customers that names, e-mail addresses, billing and shipping addresses, phone numbers, and the last four digits of credit card numbers have all been accessed by the hacker or hackers. Full credit card numbers were stored elsewhere, and remain safe. User passwords were encoded, but Zappos is still taking a precautionary measure by changing all user passwords, and giving customers instructions on how to set a new password. Zappos is also urging customers who use their Zappos password on other websites to change those passwords, as well. Users of Zappos’ discount site, 6pm.com, are also affected.
Boasting 24 million customers, this hack represents one of the most damaging in terms of personal information leaked. It’s a black eye for Zappos, a shoe and apparel retailer that built its reputation on exceptional customer service as a top priority. That customer service will take a hit, as Zappos’ lauded phone lines will all be down because the company’s calling network is not believed to be able to handle the volume of calls expected. All customer service will be handled via email, with CEO Tony Hsieh stating that the company will have “all hands on deck” working to answer customer e-mails promptly. Hsieh also stated that the company is working with law enforcement agencies to track down the perpetrators, and offered deep apologies to all Zappos customers.
As of now, those located outside of the United States are unable to access Zappos.com, due to site maintenance as a result of the incident. There is no timetable for when international access to the site will return.
Even for those who aren’t Zappos customers, the hack serves as a useful reminder to all Internet users – your privacy is on life-support, and there are always a few people trying to pull the plug. Stay safe, and keep switching those passwords up.