Have you shopped online at Zappos? If so, it’s time to change your password and stay away from clicking on phishing emails. Hackers have cracked into the popular shoe retailer owned by Amazon and stolen database of some 24 million customers.
Hackers have got access to all data that was not encrypted which includes names, email addresses and other personal information, including the last four digits of the credit card. However, the full credit or debit card number was encrypted as required under the Payment Card Industry Data Security Standard.
In an email to staff sent on Sunday Zappos chief executive Tony Hsieh said, said: "We were recently the victim of a cyber-attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky.”
Zappos website continues to be down in most parts of the world and Hsieh announced on his twitter account @zappos on Sunday that he had sent the following security incident email to his staff: “We are so sorry – we are working on a few technical issues before opening up our site to traffic from locations outside the continental United States. We hope to open back up very soon. If you have any questions please email us at firstname.lastname@example.org."
Experts have warned that Zappos customers should be especially careful about clicking on phishing emails and should not divulge any sensitive information. Especially careful should be those customers who use the same password for multiple accounts. Zappos has asked its customers to change their password on Zappos and on all other websites where they have been using a similar password.
"We've spent over 12 years building our reputation, brand and trust with our customers," Hsieh said in a blog statement. "It's painful to see us take so many steps back due to a single incident."
Follow Emirates 24|7 on Google News.