Zappos hit by cyber attack

Los Angeles Times

LOS ANGELES

Zappos.com, the popular shoe website, was the victim of a cyber attack that exposed customer information on the company’s internal network and systems, Chief Executive Tony Hsieh said in an email to employees.

In a separate email to account holders, the company said the potentially exposed information included names, email addresses, billing and shipping addresses, phone numbers and the last four digits of credit-card numbers.

Zappos said the database that stores full credit-card numbers and other payment data was not affected or accessed.

Hsieh said the Henderson, Nev., company was cooperating with law enforcement in “an exhaustive investigation.”

“We’ve spent over 12 years building our reputation, brand, and trust with our customers,” Hsieh said in the email to customers. “It’s painful to see us take so many steps back due to a single incident.”

To employees, he said, “Over the next day or so, we will be training everyone on the specifics of how to best help our customers through their password change process now that their passwords have been reset and expired. We need all hands on deck to help get through this.”

Zappos said it has more than 24 million customer accounts in its database.

Copyright 2012 Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.