Zappos has had a security breach. The Amazon (NASDAQ:AMZN) subsidiary is scrambling to shore up its defenses after 24 million customers' personal data were hacked. In IT Blogwatch, bloggers foresee spam and phishing, plus problems for people who re-use passwords.
Your humble blogwatcher (@richi ) curated these bloggy bits for your entertainment. Not to mention: MikuMikuMoving demo...
Steven Musil reports:
Customers' names, e-mail addresses,..addresses, phone numbers,..and their scrambled passwords may have been illegally accessed.
..The company has voided and reset customer passwords so that new ones can be created. .. [The] affected servers are located in Kentucky. .. [Zappos is] cooperating with law enforcement officials on an investigation.
John Leyden adds:
Up to 24 million customers of the Amazon subsidiary may have been affected. .. Zappos stressed that credit card data was not exposed. .. Accounts or passwords maintained with parent firm Amazon.com are not affected.
..Surfers who made the mistake of using the same account login credentials at..other sites would be advised to change their passwords pronto. .. [It will] result in an increase of regular spam and is likely to spawn phishing attacks.
Matt Flegenheimer exhibits the fourth temperament:
[The] companys chief executive, Tony Hsieh..said the company made the hard decision to temporarily shut off its phones..because the phone systems..arent capable of handling the expected volume of inquiries.
..Weve spent over 12 years building our reputation, brand, and trust. .. Its painful to see us take so many steps back due to a single incident.
Andy Greenberg has another helpful link:
Zappos customers can change their passwords here.
But Ina Steiner has more bad news:
Sister site 6pm.com [is] also affected.
Don't miss out on IT Blogwatch:
- Follow @richi, your humble blogwatcher, on Twitter
- Subscribe to the Computerworld Blogs newsletter
- Catch up with posts from the previous few days
Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and security. He's the creator and main author of Computerworld's IT Blogwatch -- for which he has won American Society of Business Publication Editors and Jesse H. Neal awards on behalf of Computerworld. He also writes The Long View for IDG Enterprise. A cross-functional IT geek since 1985, you can follow him as @richi on Twitter, pretend to be richij's friend on Facebook, or just use good old email: firstname.lastname@example.org. You can also read Richi's full profile and disclosure of his industry affiliations.