Zappos hacked, 24 million affected

Summary:The attackers may have swiped names, e-mail addresses, billing and shipping addresses, phone numbers, the last four digits of credit card numbers and/or cryptographically scrambled passwords.

Online shoe shop Zappos has suffered a massive data breach that exposed user accounts for about 24 million users.

According to an e-mail from Zappos chief executive Tony Hsieh, attackers gained access to parts of the company's internal network and systems through a server in Kentucky.

Hsieh said the attackers may have swiped customer account information on Zappos.com, including names, e-mail addresses, billing and shipping addresses, phone numbers, the last four digits of credit card numbers and/or cryptographically scrambled password (but not the actual password).

Zappos made it clear that the database that stores critical credit card and other payment data was NOT affected or accessed.

Amazon.com, which owns Zappos, was not affected by this breach.

More details can be found in Hsieh's email.

Topics: Amazon, Security, Servers

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.