Monday, January 16, 2012

Mixed Review of's Response to Breach of Their Data

I'm used to data breaches; the company I work for sells Network Forensics solutions that if in place before a breach occurs allows you to figure out what happened. I lost access to my student loan when Citibank was attacked earlier this summer, so I'm used to companies not being upfront about what's going on and suffering penalties. What I'm surprised about today, is how a company known for customer service - - has responded to a data breach of their own.

I learned of the data breach from my husband. While I receive Zappos Digests every Monday, Wednesday, and Friday, I didn't receive the email from Zappos's CEO regarding the compromise of my data. (I checked my SPAM/Junk folder to be sure it hadn't been snagged, it wasn't there.)

This morning as I made my daily walk from the bedroom to the kitchen to make coffee, I noticed how cold the floor was. While my coffee was brewing, I went to to get a pair of cozy slippers. I expected to see a notice on their home page about how to re-access my account. Nothing. I added the slippers to my shopping cart and proceeded to check out. First I received a disturbing message that they had no record of my email address. I went to my email to verify which email address I received communications from Zappos from. Sure enough it was the one they couldn't find. I tried another email address that had gotten a Zappos advertisement, with this email address (not one I'd used to make a purchase from) I received a message about a security update - no mention of the data breach.

After a quick search I found the letter from Zappos's CEO posted on Naked Security. Note that this letter should be readily accessible from the website. Unfortunately that didn't help me as it appears my account was deleted during the breach.

Without answers and still slipperless, I moved to Twitter. @Zappos_Service gets points here for providing an answer within minutes; email As they're experiencing an unusually high volume of email at this time, their response will take longer than normal. I'll post an update as to whether they're able to recover my account when they respond to my inquiry.

Ciao Bella!
Credits: All images taken by Eden Hensley Silverstein for The Road to the Good Life.