Zappos Hacked: How Data Breaches Affect Us

The latest big ecommerce site to be victim of a cyber attack was Zappos.com by a

hacker who accessed a part of the companys internet network through one of its servers in Kentucky, CEO Tony Hsieh said in an email to employees January 15, 2012. The data breach compromised customer account information such as billing addresses, names, email addresses, phone numbers, passwords in encrypted form, and the last four digits of credit card numbers. CEO Tony Hsieh said the security problem did not affect critical credit card and other payment data and that they were cooperating with law enforcement to undergo an exhaustive investigation.

Zappos.com was acquired by Amazon.com in July, 2009 for $1.2 billion and operates as an independent unit of Amazon.com. Amazon.com is known for having security measures, such as two factor authentication, in place to protect its customers personal data. The company will be notifying 24 million customers to change their passwords as a protective measure and to also reset their passwords anywhere else where their passwords may be the same. A menu has been added to Zappos.com pages to create a new password to encourage customers to change their passwords as soon as possible. The company is known for their stellar customer service and due to the high volume of customer calls, they will be switching their phones off and direct customers to contact them via email for assistance.

Even though security measures such as stronger passwords can be in place to protect customers, ecommerce companies like Zappos.com can be attacked by hackers and data can still be compromised. Theres not enough information that is released on the attack yet, but customers know that they need to change their passwords to protect themselves. Zappos.com, on the other hand, knows now that they need to have better security measures in place to protect their servers and to better detect threats against hackers in the future.

The scariest part of the data breach is that customers passwords in encrypted form were stolen which can be cracked by programming software that can encode it. This would allow hackers access to their logins across other sites if they use the same email and password logins. Zappos.com customers that have been breached should be careful to use different passwords on different ecommerce sites to reduce the chances of their information being compromised since their account information so that if one site gets attacked, their information wont be able to be used on other sites. Users that utilize stronger passwords using a combination of letters, numbers and symbols reduce the chance of hackers guessing their passwords. Unfortunately, Zappos.com servers were hacked which users cannot control, but using stronger passwords across different sites that their personal information is stored on decreases the chances of their passwords being hacked or stolen.

Some users who have Gmail accounts were also compromised recently. Users were notified that suspicious activity occurred on their accounts and were advised to change their passwords. Some users were compromised by hackers in other countries such as India, Germany and Russia for example. Gmail users that utilize stronger passwords with a combination of letters, numbers and symbols will be safer than users that utilize only letters and numbers. With Zappos.com accounts and Gmail accounts being compromised recently, users are reminded that stronger passwords should be used on any accounts that store their information online and also to use separate passwords across different accounts to protect their sensitive information.

Gmail offers two factor authentication options if you enable them, but this feature is not activated by default. Amazon offers multi factor authentication for their web services, but Zappos.com is run independently and does not yet incorporate multi factor authentication for their users. The added layer of security from the two-factor authentication process allows for a safer user experience online in situations where sensitive information is stored and shared. It makes one wonder if a two-factor authentication solution could have prevented the Zappos.com Data Breach not only with their users, but also in protecting access to their servers. For instance, if a Zappos.com employee was alerted using their mobile phone that a server was being accessed, they could receive a one-time password and use their login credentials to authorize access or reject access which could have prevented the attack.

Strong passwords along with better password policies can make for stronger security. Strong two-factor authentication can enhance security and potentially keep companies like Zappos.com alert and on guard against attacks, for example, if servers are being accessed by unauthorized individuals.

by: Mitchel Smith

POST COMMENT

Achieve Photo Recovery From Sd Card Secure Your Crucial Data With Phishing Protection How To Protect Data Corruption By Testing ? Get Back Your Lost Data With Recover Files After Format Analyzing Linear Data How Bankruptcy Attorneys In San Diego Explore All Options For Your Financial Recovery How Secure Is Your Data? Authentic - Virginia Public Divorce Records Database Htc Photo Recovery-recover Lost Photo With Ease Know How To Maximize Your Damage Recovery In Claims Secure Your Critical Data With Data Protection Solutions Efficient Test Data Management With Ibm Optim Drug Recovery Programme Through Drug Rehab Clinics Cheshire