Waiting For The Other Shoe To Drop – Online Retailer Zappos Hacked

Thursday, January 19th, 2012

Data breach at big Internet retailer Zappos highlights the need for consumers to take precautions when setting up online shopping accounts in order to better protect their identity.

A server of the Amazon.com-owned online shoe and clothing retailer Zappos was recently breached by hackers. They were able to access the personal data of some 24 million Zappos customers.

According to a letter the company sent out, Zappos informed customers that their account may have been accessed illegally by unauthorized individuals resulting in the possibility that personal information was compromised such as the user’s name, email address, billing address, shipping address, phone number, the last four digits of any credit cards number that was attached to the account and also possibly the account’s “cryptographically scrambled password.” The email went on to explain, somewhat reassuringly,

“The database that stores your critical credit card and other payment data was NOT affected or accessed.”

These days, practically all online retailers have wizened up enough to store their customers’ payment information such as their credit card details separately from the rest of their information, Zappos included as is indicated by their email.

Likewise, it seems that Zappos has adhered to the standard practice of encrypting all of their users’ passwords. However, as unlikely as it may seem, even encrypted passwords are considered to be valuable booty to thieves. “Hashes,” as encrypted passwords are referred to in security speak, are theoretically very difficult to crack but seasoned criminals often times process them using computer programs that enable them to identify and pick out weaker passwords. With enough computer power at their disposal, a hacker has the potential to figure out even passwords that are moderate or strong.

Research on the subject has indicated that most consumers are very likely to use the same password and same email account to set up profiles for multiple online shopping accounts. Therefore, once they have cracked one password, criminals are able to use it along with the corresponding email to siphon money methodically from the individual’s other accounts online.

Additionally, many consumers also provide information that is relatively easy to obtain in response to security questions, such as mother’s maiden name or their own date of birth, and all sophisticated hackers need to do is implement data mining techniques to gather all such information along with other information available in the Internet in order to have enough with which to steal an identity.

There is already a class-action lawsuit pending against Zappos, filed January 16 in federal court by Theresa Stevens, a resident of Beaumont, Texas. She is making the claim that due to the security breach at Zappos she and other users “are more likely to receive e-mails from spoof websites and unknowingly give away personal information to hackers,” according to online news source pcmag.com.

Latest Other Card News

Monday, June 6th, 2016
If your wallet is bulging with store loyalty cards, there’s good news for you from Samsung Pay. The most widely accepted mobile digital wallet system in the United States is now ...
Tuesday, April 12th, 2016
Springtime is the season for house hunting, but many people planning to move this year say they’ll rent, not buy, their new digs.
Tuesday, January 5th, 2016
Online banking has revolutionized the way people do business with their banks, and one result is that fewer and fewer folks are actually stopping in to branches to do things like ...
Tuesday, December 8th, 2015
A new credit card from Barclaycard offers cash back rewards, as well as a redemption bonus when cardmembers redeem their rewards.
Monday, June 29th, 2015
Nordstrom agreed to sell its existing U.S. Visa and private label consumer credit card portfolio to TD Bank Group.
Pacific Credit Group Emporium Black Card
Copyright © 2001-2016 BestCreditOffers.com All Rights Reserved.

* The BestCreditOffers.com.com webpage is a free service and an information resource for credit cards and financial products and services available to eligible United States consumers. BestCreditOffers.com.com does not offer any warranties and is not a direct service. There are no guarantees for approval or offers when applying for a credit card. Please refer to the application if you would like more information on each credit card. When you click "Apply" for a particular credit card, please take the time to review the terms and conditions of the product/service at the issuer's website. All logos on the BestCreditOffers.com.com website are property of their respective owners.

BestCreditOffers.com makes every effort to keep information up to date and accurate. However, the information regularly changes and is presented without warranty. Therefore, we strongly recommend all our readers to visit the credit card application page by clicking "Apply Online!" button to review the detailed credit card's terms and conditions. Note that BestCreditOffers.com may be compensated by the credit card issuers when the readers apply for a credit card through this site.

BestCreditOffers.com is an independent, advertising-supported website which receives compensation from the credit card issuers and companies whose offers appear on the site. Compensation may impact how and where products appear on our site, including, for example, the order in which they may appear on the site pages. BestCreditOffers.com does not review or list all available financial or credit offers.

User Generated Content Disclaimer: These responses are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser's responsibility to ensure all posts and/or questions are answered.