Zappos has been hacked—The online shoe retailer announced that hackers had gotten to the network, and stolen customer account information.
“We were recently the victim of a cyber attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky. We are cooperating with law enforcement to undergo an exhaustive investigation,” Zappos’ CEO Tony Hsieh said in an statement.
According to Fox News, Zappos currently has as many as 24 million customers.
Zappos noted that credit card information was not stolen. “The database that stores your critical credit card and other payment data was NOT affected or accessed,” said Hsieh.
Zappos did reveal that names, email and billing/shipping addresses, phone numbers, the last four digits from credit cards and your cryptographically scrambled password (but not your actual password) may have been obtained by hackers.
While Zappos embarks on an investigation, they have expired and reset all customer’s passwords and asks that customers now create a new password.
“We also recommend that you change your password on any other web site where you use the same or a similar password,” said Hsieh, who also warned customers to “exercise caution if you receive any emails or phone calls that ask for personal information or direct you to a web site where you are asked to provide personal information. ”
Zappos has turned off their phones and ask customers with questions to use email instead.
“We have made the hard decision to temporarily turn off our phones and direct customers to contact us by email because our phone systems simply aren’t capable of handling so much volume,” said Hsieh. 5 percent of Zappos customers would produce over 1 million phone calls, which Hsieh says, “most of which would not even make it into our phone system in the first place.”