Security Corner

Jan 18 2012   1:38PM GMT

Zappos security breach affects 24 million

Ken Harthun Ken Harthun Profile: Ken Harthun

This news is already getting old, having broken yesterday; however, there’s some good advice issued by Tony Hsieh, CEO of Zappos. I’ll get to that in a minute, but you might want to read his blog post.

So, Zappos got hacked. Customer account information on 24 million customers including names, e-mail addresses, billing and shipping addresses, phone numbers, the last four digits of credit card numbers and/or the cryptographically scrambled passwords was obtained by the criminal(s). The actual passwords weren’t obtained, but we can assume the hackers will try to crack the crypto.

The email sent to the customers contained some great advice: “We also recommend that you change your password on any other web site where you use the same or a similar password.” Not that you should ever use the same password on multiple sites, but this is great advice. If you are an affected Zappos customer, be sure to take this advice and go change that password on the other sites. Just make sure that for each site you change it on, you use a different password, not the same one over and over.

To be honest with you, I do use a certain set of passwords that are the same on multiple sites. The sites I use these passwords on are not anything important and the passwords I repeat are never the same passwords I use on shopping sites and other critical financial sites; those are all different, very strong passwords.

With all the great password advice I’ve been giving you over the years, there is no reason for you to have any trouble coming up with good, easily remembered passwords.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: