Zappos Gets Zapped – Online Shoe Giant’s Security Breached

Customer service king Zappos demonstrates how retailers need to communicate with customers during an online security breach in order to retain loyalty and trust.

Even the most savvy online retailer is not safe from the threat of hackers and security scares, as witnessed by the security breach of US shoe pureplayer Zappos.

“We’ve spent over 12 years building our reputation, brand, and trust with our customers. It’s painful to see us take so many steps back due to a single incident. I suppose the one saving grace is that the database that stores our customers’ critical credit card and other payment data was not affected or accessed,” said Zappos CEO, Tony Hsieh, in a letter that was sent to its 24 million customers.

Ever the consummate customer service leader, Zappos sets the perfect example of keeping its customers informed: it clearly communicates the issue, advises how it is dealing with the breach, offers its customers an apology, and gives direct contact details.

As highlighted by our recent article ‘New Year’s Resolution #1: Revisit your Online Security Plan’, with the proliferation of big and small alike, e-commerce retailers cannot afford to be complacent with the security of customer information and details. The Zappos incident draws attention to another equally important consideration for retailers in these situations: how you react and keep your customers informed throughout the breach will determine how they perceive and trust your brand after it is resolved.



One thought on “Zappos Gets Zapped – Online Shoe Giant’s Security Breached”

  1. Bill says:

    Yes, as good a response as could be expected these days - but as one of the customers whose data was exposed, it glosses over the serious issues for me and my privacy (what little I have). I am now subject to additional waves of SPAM, phishing, snail mail crap, auto-dialers who circumvent the DNC registry, blunt (and not so blunt) attempts to probe every site where I have an account. I can cancel a credit card in minutes, which is global across all instances of use, and CC companies have wonderful response to unauthorized use of my accounts. I cannot easily unhook from the nightmare that this data breach can cause. I can't tell you that regardless of the self-congratulatory tone of your article I am pissed. There are those that say “So what? Most of that data is pseudo-public.” True as that may be, it is not necessarily all linked or indexed in an easily transportable electronic format where all the heavy lifting has already been done. From what I’ve read in my email and online, the breach involves personally identifiable information, linking numerous pieces of information about me, not just stray un-joined bits of data. Lastly, every e-tailer will probably see impacts as customers decline to create accounts in order to minimize their electronic footprint. As a retired computer professional, if each of you is not already on the phone to arrange immediate outside independent “ethical hacking” of your systems, you are derelict in your security duties. And make sure the engagement includes physical ISP site review and internal security policy and execution reviews!!
