73°F
weather icon Partly Cloudy
Las Vegas, NV
Business

Zappos.com shuts down phones, battles security breach

6561940-3-4
6561940-3-4
6561641-1-4
More Stories
An aerial view of Durango hotel-casino, on Tuesday, Jan 7, 2025, in Las Vegas. (Bizuayehu Tesfa ...
Red Rock executives say they could endure a recession if it happens
Thousands head to Las Vegas Convention Center seeking a job — PHOTOS
Nevada is seeing some shakiness in tourism, and experts are expecting fewer visitors going forw ...
New Nevada revenue forecast slices $191 million out of 2026-27 budget
Fidelity National Financial at 1701 Village Center Circle is seen, on Tuesday, Feb. 11, 2025, i ...
Bill Foley-led company confirms sale of Summerlin headquarters
By CAITLIN MCGARRYLAS VEGAS REVIEW-JOURNAL
January 16, 2012 - 5:57 pm
 

Don't bother calling Zappos.com today. The online shoe retailer won't answer.

The Las Vegas Valley-based company temporarily turned off its phones Monday and would only respond to customers by email after announcing that 24 million customer accounts were compromised in a security breach.

The company Monday morning alerted account-holders of the incident and reset all passwords so customers have to choose a new one to log in.

For customers, the breach means names, addresses, scrambled passwords and the last four digits of credit numbers have been compromised.

Zappos CEO Tony Hsieh said the database that stores customers' credit card and other payment information was not accessed during the breach of one the company's servers in Kentucky.

At Zappos headquarters, full-scale crisis control is under way.

"We need all hands on deck to help get through this," Hsieh wrote to employees in a widely circulated email.

By 8 a.m. Monday, workers in all departments at the company's offices in Henderson were on customer service detail. Hsieh on Monday said the company may turn its phones back on by end of day today, depending on the volume of customer feedback.

Hsieh, citing the ongoing investigation, in a Monday news conference declined to say when the breach occurred, name any law enforcement agencies the company is working with or say whether it is known why the online shoe retailer was targeted.

Zappos, which employs nearly 2,000 people and has annual revenues of more than $1 billion, joins the ranks of high-profile companies that have been hacked in the past year, including Sony, Lockheed Martin, Citigroup, PBS and intelligence firm Strategic Forecasting Inc., which was the target of a politically motivated hack in December.

Stratfor, as the Austin, Texas-based company is known, had a credit card breach and then a server attack in December, which knocked the site offline. After hiring a security firm to rebuild its tech infrastructure, Stratfor on Jan. 11 relaunched its website, according to Reuters.

The Stratfor attack has been cited as a cautionary tale for small and midsize businesses that may not be as attentive to computer security as large corporations.

Sony last April experienced a breach in its PlayStation Network that compromised the data of 77 million users. Sony waited a week to tell users about the hacking incident, sparking a consumer outcry.

IT specialist Jeff Berg, president of Computer Troubleshooters Las Vegas, said security breaches are common, particularly for large companies.

"Even Amazon has intrusions. The bigger you are, the more likely you'll have intrusions," Berg said. "If someone wants to break into your house, they'll break into your house."

Zappos has taken the appropriate steps in its customer outreach, Berg said, preventing a larger public relations debacle.

"The worst thing you can do is not tell anybody," he said. "They released the information quickly."

Hsieh would not say what changes, if any, Zappos plans to implement to prevent future hacks.

"We can't comment on the specifics of our security," he said during the news conference. "It would be analogous to a casino broadcasting to the public their guard change shift schedules."

Right now, he said, the company is focused on getting customers to change their passwords.

One Las Vegas customer who asked that her last name not be used, 63-year-old Anne Marie, reached out to the Review-Journal after receiving two emails Monday morning: one from Zappos, about the security breach, then one from American Express, about fraudulent activity on her credit card.

"It could be a coincidence that it happened just after the Zappos email," the retiree said. "If I'm the only one out of 24 million people, then I guess it's a coincidence. I wonder if other people are affected."

Hsieh said Zappos hasn't heard "anything outside the usual" about credit card fraud and reiterated during the news conference that the company's payment information database was not compromised.

For Anne Marie, who has only ordered from Zappos once but is a regular Amazon customer, the hacking experience has had a "chilling effect."

"I'm a little leery, a little afraid now to do business with Amazon or Zappos," she said. "If it can happen to this major website, it can happen to any of them."

Contact reporter Caitlin McGarry at cmcgarry@reviewjournal.com or 702-387-5273.

MOST READ
In case you missed it
Don't miss the big stories. Like us on Facebook.
THE LATEST
According to a recent AARP report, 52 percent of adults ages 50 to 64 have credit card debt. (G ...
How can retirees reduce their credit card debt?
By Jim Miller Savvy Senior

According to a recent report, 52 percent of adults ages 50 to 64 have credit card debt. Nearly half of older people carrying a credit card balance owe $5,000 or more.

MORE STORIES