Waiting For The Other Shoe To Drop – Online Retailer Zappos Hacked
Data breach at big Internet retailer Zappos highlights the need for consumers to take precautions when setting up online shopping accounts in order to better protect their identity.
A server of the Amazon.com-owned online shoe and clothing retailer Zappos was recently breached by hackers. They were able to access the personal data of some 24 million Zappos customers.
According to a letter the company sent out, Zappos informed customers that their account may have been accessed illegally by unauthorized individuals resulting in the possibility that personal information was compromised such as the user’s name, email address, billing address, shipping address, phone number, the last four digits of any credit cards number that was attached to the account and also possibly the account’s “cryptographically scrambled password.” The email went on to explain, somewhat reassuringly,
“The database that stores your critical credit card and other payment data was NOT affected or accessed.”
These days, practically all online retailers have wizened up enough to store their customers’ payment information such as their credit card details separately from the rest of their information, Zappos included as is indicated by their email.
Likewise, it seems that Zappos has adhered to the standard practice of encrypting all of their users’ passwords. However, as unlikely as it may seem, even encrypted passwords are considered to be valuable booty to thieves. “Hashes,” as encrypted passwords are referred to in security speak, are theoretically very difficult to crack but seasoned criminals often times process them using computer programs that enable them to identify and pick out weaker passwords. With enough computer power at their disposal, a hacker has the potential to figure out even passwords that are moderate or strong.
Research on the subject has indicated that most consumers are very likely to use the same password and same email account to set up profiles for multiple online shopping accounts. Therefore, once they have cracked one password, criminals are able to use it along with the corresponding email to siphon money methodically from the individual’s other accounts online.
Additionally, many consumers also provide information that is relatively easy to obtain in response to security questions, such as mother’s maiden name or their own date of birth, and all sophisticated hackers need to do is implement data mining techniques to gather all such information along with other information available in the Internet in order to have enough with which to steal an identity.
There is already a class-action lawsuit pending against Zappos, filed January 16 in federal court by Theresa Stevens, a resident of Beaumont, Texas. She is making the claim that due to the security breach at Zappos she and other users “are more likely to receive e-mails from spoof websites and unknowingly give away personal information to hackers,” according to online news source pcmag.com.
Latest Other Card News
2020 has definitely been a very unusual and challenging year. Many of us have been waiting for its end more than ever. And now, when there is less than a week left until the beginning of the new year, it’s time to sum up the outgoing one and find out the results of the annual […]
Walmart is finally ready to introduce a new subscription service offering free same-day delivery and fuel discount. Walmart+ was supposed to go live back in July, however, it was delayed due to the COVID-19 outbreak. Now the launch is planned to take place on September 15. The new product will help you order any goods […]
This month, American Express introduced its new tool called MyCredit Guide. The Amex website says: “We believe everyone should know their credit score and have the tools to understand it better.” That’s why the new feature was developed. Using the tool, you can find out your credit score and take a look at your credit report, […]
A virtual credit card is a unique credit card number that is linked to your main credit card account but is different from the physical card number. The virtual credit card number allows to shop online or over the phone without using your physical credit card. The numbers can usually be used once and expire if not used. The cardholders can also delete the numbers if they want or need to.
The results of the 2019 Debit Issuer Study, commissioned by PULSE®, a debit/ATM network, and conducted by Oliver Wyman, a global management consulting firm, show that consumer debit use has skyrocketed in the last year and will keep soaring. In 2018, the number of debit transactions increased by 6.7% reaching more than 68 billion. According […]