Waiting For The Other Shoe To Drop – Online Retailer Zappos Hacked
Data breach at big Internet retailer Zappos highlights the need for consumers to take precautions when setting up online shopping accounts in order to better protect their identity.
A server of the Amazon.com-owned online shoe and clothing retailer Zappos was recently breached by hackers. They were able to access the personal data of some 24 million Zappos customers.
According to a letter the company sent out, Zappos informed customers that their account may have been accessed illegally by unauthorized individuals resulting in the possibility that personal information was compromised such as the user’s name, email address, billing address, shipping address, phone number, the last four digits of any credit cards number that was attached to the account and also possibly the account’s “cryptographically scrambled password.” The email went on to explain, somewhat reassuringly,
“The database that stores your critical credit card and other payment data was NOT affected or accessed.”
These days, practically all online retailers have wizened up enough to store their customers’ payment information such as their credit card details separately from the rest of their information, Zappos included as is indicated by their email.
Likewise, it seems that Zappos has adhered to the standard practice of encrypting all of their users’ passwords. However, as unlikely as it may seem, even encrypted passwords are considered to be valuable booty to thieves. “Hashes,” as encrypted passwords are referred to in security speak, are theoretically very difficult to crack but seasoned criminals often times process them using computer programs that enable them to identify and pick out weaker passwords. With enough computer power at their disposal, a hacker has the potential to figure out even passwords that are moderate or strong.
Research on the subject has indicated that most consumers are very likely to use the same password and same email account to set up profiles for multiple online shopping accounts. Therefore, once they have cracked one password, criminals are able to use it along with the corresponding email to siphon money methodically from the individual’s other accounts online.
Additionally, many consumers also provide information that is relatively easy to obtain in response to security questions, such as mother’s maiden name or their own date of birth, and all sophisticated hackers need to do is implement data mining techniques to gather all such information along with other information available in the Internet in order to have enough with which to steal an identity.
There is already a class-action lawsuit pending against Zappos, filed January 16 in federal court by Theresa Stevens, a resident of Beaumont, Texas. She is making the claim that due to the security breach at Zappos she and other users “are more likely to receive e-mails from spoof websites and unknowingly give away personal information to hackers,” according to online news source pcmag.com.
Latest Other Card News
The results of the 2019 Debit Issuer Study, commissioned by PULSE®, a debit/ATM network, and conducted by Oliver Wyman, a global management consulting firm, show that consumer debit use has skyrocketed in the last year and will keep soaring. In 2018, the number of debit transactions increased by 6.7% reaching more than 68 billion. According […]
Some serious changes are in store for many Citi credit cards like the Citi Prestige Card, the Citi Premier Card, the Citi Double Cash Card, the Costco Anywhere Visa Card by Citi, the American Airlines AAdvantage MileUp℠ Card, and some other. The updates imply elimination of some consumer and travel benefits. The bank’s official response […]
Priority Pass is a world-known program offering its members access to over 1200 airport VIP lounges with free food, drinks and entertainment in more than 500 cities across 143 countries. The program is available to everyone who’s paid for membership, regardless of a tickets class.
A virtual credit card is a unique credit card number that is linked to your main credit card account but is different from the physical card number. The virtual credit card number allows to shop online or over the phone without using your physical credit card. The numbers can usually be used once and expire if not used. The cardholders can also delete the numbers if they want or need to.
Credit scores and credit reports have become an integrate part of our lives and financial health. There are a lot of services that allow to check credit reports online and FreeCreditReport.com is one of them. FreeCreditReport.com is owned and operated by Experian, one of the three major credit bureaus in the U.S. The service provides […]