Product Reviews
Take Action
Back
SIGN THE PETITION

Fight for Fair Finance

Tell the administration and Congress to stand up for the consumer watchdog that protects you from financial fraud and abuse.
Take Action
Why Do We Have Campaigns?
We're fighting to ensure you and your family can get a fair deal in the marketplace, especially on the choices that matter most: health care, privacy, automobiles, food, finances and more. Join our campaigns and together, we'll hold corporations and lawmakers accountable.

After Zappos hack, some online shopping safety tips to consider

Consumer Reports News: January 17, 2012 10:23 AM

Online shoe retailer Zappos.com has been targeted by hackers, company CEO Tony Hsieh reported on Sunday. Personal information—including e-mail addresses, names, phone numbers, and shipping addresses—for more than 24 million Zappos customers may have been compromised, Hsieh wrote in an e-mail to employees.

In an additional and separate e-mail to customers, Hsieh said:

The database that stores your critical credit card and other payment data was NOT affected or accessed.

The attack against Zappos, a unit of giant online retailer Amazon, is still being investigated. As a safety precaution, Zappos has automatically expired passwords for its customers' accounts, requiring returning users to create new log-in codes to access their accounts.

Here are some hints for safer online shopping:

  • Never use the same password for multiple sites. Minimize the chance that a hacker can gain access to your other online accounts from the information cracked.
  • Create and use separate e-mail addresses. Specific e-mail accounts for specific shopping sites—say, "MyAmazonAccount@gmail.com"—will limit your data exposure if only one particular online retailer gets hacked.
  • Never use any part of your name or any other easily guessed word in your password.
  • Use a strong password. These are phrases that are a mixture of letters and numbers. Substituting numbers for letters might help you remember your login a well—"pa55w0rd" instead of "password," for example. Some websites will allow the use of symbols, such as ! and #, as well as distinguish letter cases. For more information, see: How to create a strong password (and remember it!)

For more ways on how to protect your information while surfing the Internet, see Consumer Reports' Guide to online security.

Security e-mail sent by Tony Hsieh, CEO [Zappos.com]
Password change e-mail sent to customers [Zappos]
Zappos Says Customer Database Hacked [Associated Press via Time's Techland blog]

Paul Eng


E-mail Newsletters

FREE e-mail Newsletters! Choose from cars, safety, health, and more!
Already signed-up?
Manage your newsletters here too.

Recalls News

Cars

Cars Build & Buy Car Buying Service
Save thousands off MSRP with upfront dealer pricing information and a transparent car buying experience.

See your savings

Mobile

Mobile Get Ratings on the go and compare
while you shop

Learn more