By Kelly Anne Fitzpatrick on January 17, 2012 in
Hackers accessed sensitive user information, online retailer Zappos.com told customers and employees Sunday. Not only did the breach reveal 24 million customers' phone numbers and email, shipping, and billing addresses, but the hackers also retrieved usernames, passwords, and partial credit card numbers. And if that login information is similar to identifiers used at other sites, users may be at risk for identity theft, Stephen B. Wicker, professor of Electrical and Computer Engineering at Cornell University, said in a prepared statement.
Back in April ConsumerSearch's own electronics editor Carl Laron predicted phishing expeditions (hackers' journeys into companies' sensitive client data, that is) may pick up in the near future. His words turned out to be prophetic. Only three weeks later, another break-in exposed PlayStation users' info, but it appears the recent Zappos security breach was handled more skillfully, with Zappos taking action almost immediately. Zappos also assures customers full credit card information was not accessed, reported ABC News.
So what's a scarred shopper to do?
- Customers affected by this breach should already have received an email from Zappos explaining that your Zappos account was automatically "expired." Users need only reset their Zappos.com password to get on with shopping.
- Zappos recommends users immediately change any similar usernames or passwords used at other sites. For that matter, it's wise to use a unique username and password combination at every site you visit, especially those storing personal information.
- "Exercise caution if you receive any emails or phone calls that ask for personal information or direct you to a web site where you are asked to provide personal information," Zappos told customers.
- Continue to use common sense when it comes to revealing your personal information. ABC News reported 90 percent of companies admit they've been hacked. It's users' responsibility to ensure their information is safe.