Steven Sprague
Tuesday, January 17, 2012

Another major breach is in the headlines. Zappos, an online shoe and apparel retailer owned by Amazon, disclosed Sunday night that more than 24 million of its customer accounts had been compromised. Hackers accessed customer names, email addresses, phone numbers, the last four digits of credit card numbers and cryptographically scrambled passwords.

To its credit, Zappos moved quickly, resetting the passwords for all the affected accounts. But it was cold comfort for those who may still be in danger of having their data exposed if they used the same or similar credentials on other websites. This concern prompted Zappos CEO Tony Hsieh to warn customers of possible phishing scam exposures in an email to affected customers. It’s another reminder of the sad state of security today.