Amazon-owned Zappos warns users after cyber-attack

Zappos website Zappos says credit card and payment data was not exposed

Related Stories

Cyber-attackers have struck Zappos, the Amazon-owned fashion e-retailer.

The company has reset the passwords of 24 million customers and asked them to choose new ones.

It said names, email addresses and other personal information may have been exposed, but not full credit card numbers.

Though significant, other attacks have been larger. In 2010 a US court convicted a hacker of stealing details from more than 130 million cards.

Zappos, which was founded in 1999 by Nick Swinmurn, started out as an online shoe retailer but now sells clothing and accessories.

It was sold to Amazon for more than $1bn (£650m) in 2009.

In an email to staff sent on Sunday and posted on the company website, Zappos chief executive Tony Hsieh said: "We were recently the victim of a cyber-attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky.

"We are co-operating with law enforcement to undergo an exhaustive investigation."

Mr Hsieh added: "We've spent over 12 years building our reputation, brand, and trust with our customers. It's painful to see us take so many steps back due to a single incident."

Scrambled

Following the attack the company wrote to its 24 million customers asking them to choose new passwords for zappos.com and any other site where they may have used the same or similar password.

The email said the attack had potentially exposed the name, email address, billing and shipping address and phone number of customers.

It also warned that "the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password)" may have been exposed in the attack.

However, in his message to company staff Mr Hsieh stressed that the credit card and payment database had not been accessed.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.