Zappos: Customer Database Hacked

Zappos - a popular online shoe and apparel retailer owned by Amazon - says the personal information of their 24 million customers may now be in the hands of hackers. 

Here's an excerpt from Zappos CEO Tony Hsieh's email sent to the company's employees yesterday, which is also posted on the Zappos official blog:

First, the bad news: We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on Zappos.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password).

As the email notes (in capslock), the good news is that Zappos keeps full credit card numbers and other payment data in a separate database, which was not affected by the cyberattack. The company reset the passwords of all customers and is currently contacting them with instructions on how to set a new one. That information, along with updates from the company on the security breach, is also available here.

Want to call and get more information? You can't. According to the employee email, Zappos is anticipating so many customers to contact them over the apparent hack that they've decided to turn off their phone lines and get everyone on staff to help answer customers' questions by email.