Facebook
Fark
Digg
Reddit
Stumble
Zappos CEO Tony Hsieh responds to questions from the media on Monday, January 16, 2012, one day after the online retailer’s website was hacked. The cyber-attack did not compromise Zappo’s credit card database, but the hacker may have accessed users’ personal data such as name, address, billing and shipping addresses, phone numbers, the last four digits of their credit card numbers and online passwords.
By Conor Shine (contact) 
Monday, Jan. 16, 2012 | 4:58 p.m.
Online retailer Zappos hacked
Viewing video requires the latest version of Adobe's Flash Player
KSNV coverage of Zappos press conference held to address recent hacking incident, Jan. 16, 2012.
A day after Zappos announced a security breach affecting up to 24 million customers, employees of the Henderson-based company spent Monday working to control the damage.
In an email sent to employees about 4 p.m. Sunday, CEO Tony Hsieh revealed that the online retailer was the victim of a cyber attack after someone gained access to internal systems through a computer server in Kentucky.
The database storing customer credit card numbers was not accessed, but other information, including possibly names, email addresses, phone numbers and billing and shipping addresses, may have been compromised.
Zappos responded by resetting customers’ passwords, and employees spent Monday working to assist customers and assuage any fears about the leak.
In a short press conference outside of Zappos’ headquarters off Green Valley Parkway, Hsieh was somber as he recounted the events of the past 24 hours and laid out the company’s plans for handling the breach.
“It’s definitely been very tough,” he said, as media and about two dozen employees gathered around.
“Obviously it’s not a fun situation for anyone,” he said. “We’re working hard to get through to all our customers and help them through the process.”
Hsieh was unable to give details about how the breach happened or who might be behind the attack, saying that the incident is under investigation by law enforcement.
He said that it’s possible not all 24 million accounts were accessed, and the company chose to “err on the side of caution” when deciding which customers to notify.
“We’ve spent over 12 years building our reputation, brand and trust with our customers. It’s painful to see us take so many steps back due to a single incident,” Hsieh said in the email to employees. “I suppose the one saving grace is that the database that stores our customers’ critical credit card and other payment data was not affected or accessed.”
As a result of the breach, all local Zappos employees were pulled off their normal jobs Monday to assist customers. Phone lines at the customer service center were shut down to prevent them from being overloaded with calls, and the company is responding to customer inquiries through email.
Customers can reset their passwords by going to Zappos.com and clicking on the “Create a New Password” link in the upper right corner of the page. Anyone with questions is encouraged to email Zappos at passwordchange@zappos.com.
Hsieh said the company will evaluate Tuesday when to reopen phone lines.
“We really appreciate our employees all coming together and we’ve also heard support from our customers,” Hsieh said. “This is the type of thing no company wants to happen to them, and we’re trying to address it as well as we can.”
If you are a good shopper on the Internet, Zappos is the last place you'll find a good deal. I've brushed by them for the last 12 years, as they seldom beat even the brick and mortar prices out there. That said, it is a tough deal when hackers target you. New security costs may/will be passed along to the consumer.
I'd agree that Zappos is pricey, but their customer service and selection are great. Free shipping and if you decide you don't want the shoes after all, they pay for return shipping.
These same hackers can break into anyone's computer and sniff it for information to make themselves easy cash. Even if my front door is unlocked, no one has the right to walk in and look around.
If that happened on the frontier, the corn field would have a higher yield the following summer and the farmer's daughter would be a lot safer in the Fall. I hope the thieves are caught and branded.
This kind of thing happens all the time. I get a credit card replaced almost yearly because some website I bought something from was compromised. Usually companies just notify the financial institutions to cancel the credit cards that were on file, and keep it quiet. Zappos actually coming forward so that users can protect themselves is another example of Zappos doing the right thing by their customers.
It wouldn't surprise me if this overpriced shoe company made this story up so they can use it as an excuse for when they say they don't have the money to complete the downtown deal because of the added expense and loss of business. Then the City will cave in to this hoax and give the place to them for free out of fear that Oscar will look bad and downtown will be a flea bag ridden dump forever!! I smell a rat!!! 12 years without a problem then all of a sudden 9 months before the big move this happens?? I smell a BIG rat!!
I know four people who had their data stolen at gas pumps or ATM's. I have had to replace credit cards twice because of this sort of thing. It doesn't matter if you shop online either because it happens to the banks, too. They just don't tell the media, like they are supposed to.
I had to replace my Visa debit card last year because the bank told me it had been compromised. A friend who has the same bank had the same issue that week. Coincidence? I think not.
Even if you don't bank online, your data isn't safe because it's all on the same network & servers.
So much for the gentrification of Downtown...
Now what are all of the Downtown homers going to say about this??
Chunky says:
Why didn't someone in the camera crowd smack the inconsiderate @#$#@^$% who is stuffing the recorder in Mr. Hsieh's face and his arm into every shot?
Disrespectful to the man and unprofessional to his media colleagues!
That's what Chunky thinks!
Sinatra & Denver, really? How old are you guys?
I worked at Zappos for a couple of years, absolutely hated it - employees are treated like, and the CLT is run like, a Kindergarten, and if you don't play into being treated like a child, you are deemed a "bad culture fit" and terminated. To make sure you tow the culture line, there were over 60 employees whose sole job was to monitor customer service reps phone calls and casual conversations. Every aspect of your work product, customer e-mails and phone conversations are scrutinized ruthlessly (every 10-12 CLT reps has the following people monitoring them: a Lead, a senior CLT rep, a QA rep, a supervisor and a manager).
However, Zappos does take customer security very seriously, and has a dedicated 'verification' team keeping on top of potential fraud issues. This looks to be an IT issue and not something the Order Verification team could have prevented.
True, Zappos does charge full list price, but the very real level of customer service they provide does not come cheap.
The only reason this happens is because the consumer is too lazy to enter their information each and every time a purchase is made. Period.
It should be illegal to store any information for future re-use. Yes, it would make online monthly subscriptions impossible, but it would also stop many, MANY scams dead in their tracks.
The steps needed to stop this won't be taken, though. People are too in love with all the deals they get or with being able to use just one click to pay for a repeat purchase.
By the way, if I were head of IT at Zappos, I'd be looking at current or former (mainly current) employees who might hold a grudge. This type of breach is an inside job more often than not.
If Denver smells a rat he probably should just change his underwear.
Thank you, vegasm, for posting about how it is to work for this company. Much as I like the fact that Hsieh is promoting downtown, his weird need to sort of control people who work for him is kind of creepy.
How far will that control go downtown?
The fact that employees MUST buy into this company's seemingly fake-happy, fake-creative "culture" and seem to be expected to make the company their lives is scary. I've wondered if there are many people who've worked there and not liked it.
I don't work for Zappos but I think their great. Ya, the prices are not marked down but factor in free overnight shipping on everything and that you can return anything up to a year later with no questions asked even if you used it - that's worth the price to me. It's a good local company and I support them as often as I can.
Is there a connection ?
http://www.lasvegassun.com/news/2011/dec...
Culinary's attacks on Tony Hsieh called 'disgusting'
The one reason I despise Zappos is not their cult like mentality, but its disingenuous factor: we want you to fit in and be you, but only if you fit in with who we are. We will pay you to quit, we are so perfect...blah, blah, blah.
This company is a breeding ground of yes-people who ,as Daniel Jackson puts it, "are all so lucky to have their job". He's managed to make Zappos akin to the lesser of two evils - working in the fields farming or work at Zappos.
Hsieh did the right thing by personally taking questions as opposed to pawning it off to some media relations publicist and shrugging it off the way Epsilon did last April.
@Teamsg1, horrid working conditions? Are you serious? From a CNN article: This list newcomer offers free lunches, concierge services, and 100% coverage of health insurance premiums.