Zappos.com


Under Review: 
No Review
Date Breach Made Public: 
January 15, 2012
geo: 
Las Vegas , NV
United States

Customers with questions about their Zappos passwords may email passwordchange@zappos.com

Records Breached: 

24 million (No financial information or SSNs reported)

Breach Total Number: 
0
Source: 
Databreaches.net
Year of Breach: 
Type of organization: 
Type of breach: 

Customers were informed that their customer account information on Zappos.com may have been illegally accessed by unauthorized parties.  Customer names, email addresses, billing and shipping addresses, phone numbers, final four digits of credit card numbers, and/or cryptographically scrambled passwords were linked to customer accounts and could have been obtained. The secure database that stores detailed credit card and payment information was not affected by the breach or accessed. Since passwords may have been affected, customers should change their passwords and make sure that their old Zappos.com password is not used for any other sites.

UPDATE (1/21/2012): A resident of Texas is suing Zappos.com and Zappos' parent company Amazon.com on behalf of millions of customers who were affected by the release of personal account information.  The lawsuit is being filed in Kentucky.

UPDATE (9/22/2014):  A federal judge has denied a motion by Zappos to dismiss a class action lawsuit for a breach of customer data in 2012. Reportedly, the parties are nearing a settlement.

More Information: http://www.courthousenews.com/2014/09/22/71619.htm