Zappos

You may or may not be aware of the fact but if you're a Zappos customer, they've had rough few days. They're currently sending out an email (full verison is past the break) to all customers to provide information on the matter but the long and short of it all is they've had a security breach:

First, the bad news:

We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on Zappos.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password).

THE BETTER NEWS:

The database that stores your critical credit card and other payment data was NOT affected or accessed.

Zappos does of course have an Android app available in the Android Market, and if you frequent using that you'll now find that your online and in-app password has been proactively expired. When you login, you will see the message as shown above advising you that you'll need to create a new password, this is so that all passwords that were in use can be removed from the system.

The proactive expiring of your password on Zappos is a great thing but many people use the same password across sites. If you think you may have used the same password across sites, then it is suggested that you change those as well. A unique password should be used for each and every login you use.

Luckily, there are some apps out there to help keep you organized. 1Password Reader, Last Pass and even Google Authenticator for 2 step verification are all great options to employ for security. Take the time to stay safe folks; taking preventative measures can save you a lot of wasted time down the road trying to sort things out.

First, the bad news:

We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on Zappos.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password).

THE BETTER NEWS:

The database that stores your critical credit card and other payment data was NOT affected or accessed.

SECURITY PRECAUTIONS:

For your protection and to prevent unauthorized access, we have expired and reset your password so you can create a new password. Please follow the instructions below to create a new password.

We also recommend that you change your password on any other web site where you use the same or a similar password. As always, please remember that Zappos.com will never ask you for personal or account information in an e-mail. Please exercise caution if you receive any emails or phone calls that ask for personal information or direct you to a web site where you are asked to provide personal information.

PLEASE CREATE A NEW PASSWORD:

We have expired and reset your password so you can create a new password. Please create a new password by visiting Zappos.com and clicking on the "Create a New Password" link in the upper right corner of the web site and follow the steps from there.

We sincerely apologize for any inconvenience this may cause. If you have any additional questions about this process, please email us at passwordchange@zappos.com.

 

Reader comments

Zappos' security breached, time to change your password

3 Comments

But if you are traveling out of the country you can't change your password now. I hope nobody orders new shoes for me before I get back to the US.