Zappos / zappos.com and 6pm.com have been hacked. Sensitive user data has been stolen.
“We are writing to let you know that there may have been illegal and unauthorized access to some of your customer account information on Zappos.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password),” Zappos wrote in a note to users of zappos.com and 6pm.com.
Attempting a modest positive spin on the situation, the company went on state that “The database that stores your critical credit card and other payment data was NOT affected or accessed,”
As is prudent and responsible in these cases, Zappos and 6PM.com have reset the users’ passwords as a security measure. Users are urged now to choose a new password immediately both on these sites and on any other web site where they use the same or a similar password.