Catherine Forsythe

Catherine Forsythe
Bio
know a bit about computer security, dogs, horses, skiing, medicine and making risotto. My nickname in real life/online is "Noggie" - I'm on Twitter, with the @dogreader account.

JANUARY 16, 2012 6:00AM

Data Breach at Zappos May Have Exposed 24 Million Customers

Rate: 7 Flag

                      passwordsecuity

Zappos.com is a hugely successful online shoe retailer. The site also markets clothing and is a subsidiary of Amazon. Unfortunately, customers of Zappos will have a terrible Monday morning surprise. Zappos has been hacked and has suffered a massive data breach, involving approximately twenty four million (24,000,000) customers:

"...  Cyber criminals may have accessed customers' names, e-mail addresses, billing and shipping addresses, phone number, and the last four digits of consumers' credit card numbers, the firm said in an announcement that was posted on Zappos' Web site late Sunday night.  Full credit card numbers were not stolen, the firm said, because they were stored separately."

link:   Zappos says hacker may have accessed info on 24 million customers

Customers are requested to create a new password. However, the danger is that some customers may use the same email address and password at other sites. For example, if that same email address and password combination is used at a site like PayPal, then there is an immediate threat with this data breach. It becomes imperative that such email address and password combinations be changed.

There is a way to have a different password for every site that requires such security. It is a very easy system that will not place excessive stress on one's memory. The unfortunate breach at Zappos illustrates why using the same password on different sites is a very dangerous practice.

If you think that there are some family members or friends who are Zappos customers, please let them know about this massive security breach. Zappos customers will be notified by email. Hopefully that notification will be read.

Catherine Forsythe 

some additional links

Zappos customer data accessed in security breach

Zappos Says Hackers May Have Accessed Customer Account Details

Zappos hit by massive data breach

further updates:  Non-U.S. customers kept in the dark as Zappos cleans up after data breach 

 Zappos breach a lesson in password security

Your tags:

TIP:

Enter the amount, and click "Tip" to submit!
Recipient's email address:
Personal message (optional):

Your email address:

Comments

Type your comment below:
Thanks for the warning! Do you think the theft of such massive amounts of information is more symbolic than useable by the hackers? Like, "Ha ha you imperialstic capitalist dolts, we can have you by the short hairs at any time!" Or do you think it is international in origin? Just Q's that come to mind...
Linnnn, I think that hackers / cybercriminals use their time judiciously. There was a time when hackers wanted to be disruptive. However, I think that there is a profit motive. The information that was breached can be used in numerous harmful ways.

On the internet, we are all in the same neighborhood...
We hate Zappos, they won't hire me, say I'm not Zappos material!! ~:(

:D
I LOVE the ad that this is pulling up!!!

Valid Credit Card Numbers
Search multiple engines for valid credit card numbers
www.webcrawler.com

~ROTFLMAO~ Webcrawler is my newest favorite search engine!! :D
I just received an E-mail from Zappos telling me to change my password... ~r
Thank you, Catherine. r.
Wow. Two years ago I bought phone battery online-$14.95. It didn't fit my phone, so I returned it. A few months later, the site was hacked and within two days, someone was charging a thousand dollars a day on my charge card. It took awhile to clear things up, but I will never charge online again. It's not worth it. I like your suggestion of different passwords though, if I could only remember.
This worries me.

I don't like anyone knowing my shoe size.
We doth now live in a very scary world where your identity is not your own.

HUGGGGGGGGGGG
Thanks for the warning. I have long been using a system where I never ever ever use any of the passwords for my banking sites (different ones for each one) for any other purpose, no matter what. And I always decline the "save your credit card info for future purposes" if there is one. But I'm sure I've slipped up a time or two, and will be watching my credit cards diligently.