US clothing megastore hacked, millions affected

By

CEO limits online apology to US customers.

A large US online shoe and clothing retailer has admitted hackers made of with personal details of millions of customers.

US clothing megastore hacked, millions affected

Attackers hacked a server in Kentucky and grabbed databases with names, phone numbers, email addresses and hashed passwords - but not credit card or payment data.

Chief executive officer Tony Hsieh said in an internal email republished online but banned to international visitors, that Zappos.com had reset passwords for all 24 million customers and would email them to advise of the incident.

"...we will begin the process of notifying the 24+ million customer accounts in our database about the incident and help step them through the process of choosing a new password for their accounts," Hsieh said.

He advised customers to change passwords of all accounts that share their Zappos password.

The company shut off telephone lines and reverted solely to email in anticipation of a deluge of customer calls.

Amazon bought Zappos for US$1.2 billion in 2009. Amazon accounts were not affected.

A copy of the internal email sent to staff and customers is available on Pastebin.com (http://pastebin.com/9hrp7U7x).

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Accenture to buy Australian cyber security firm CyberCX

Accenture to buy Australian cyber security firm CyberCX

TPG Telecom reveals iiNet order management system breached

TPG Telecom reveals iiNet order management system breached

"Shade BIOS" stealth malware hides below operating system

"Shade BIOS" stealth malware hides below operating system

Log In

  |  Forgot your password?