February 1, 2012, 12:00 AM

For a web retailer big on customer service, Zappos takes a step back with security breach

After years of building a stellar reputation for customer service—a strategy that helped to push it past $1 billion in sales—Zappos.com, now a unit of Amazon.com Inc., scrambled last month to placate customers whose personal information was hacked in a breach of network security.

Lead Photo

It takes years to build a solid reputation built on quality and customer service. But a single successful criminal exploit can quickly tarnish that image.

Just ask Zappos.com, the web-only footwear and apparel retailer that surged on a stellar customer service record to more than $1 billion in sales before being acquired by Amazon.com Inc. in 2009. Last month, after a criminal broke into Zappos' internal computer networks and stole personal data of Zappos customers, the retailer e-mailed more than 24 million customers Jan. 15, alerting them that their personal information may have been stolen. It then scrambled to placate customers and answer their questions.

"We've spent over 12 years building our reputation, brand and trust with our customers," CEO Tony Hsieh wrote in an e-mail to employees. "It's painful to see us take so many steps back due to a single incident."

Hsieh also used that e-mail message to sound the alarm that all employees, regardless of department, needed to help answer customer inquiries via e-mail. The retailer's phones were temporarily turned off to avoid getting overwhelmed with calls from customers. "We need all hands on deck to help get through this," he wrote.

The e-mail Zappos sent to customers said their names, e-mail addresses, billing and shipping addresses, phone numbers, scrambled passwords and the last four digits of credit card account numbers may have been taken. The e-mail also informed customers that Zappos had reset all customer account passwords and asked customers to create a new password for their accounts.

The same e-mail was also sent to customers of 6pm.com, a discount shoe e-retailer operated by Zappos.

Zappos said a criminal gained access to parts of its internal network and systems through a server in Kentucky and that Zappos was working with the FBI to investigate the incident.

Customer comments posted to Zappos' Facebook Wall after the breach were largely supportive, suggesting the goodwill the retailer has built up may limit the damage it suffers.

allison@verticalwebmedia.com

@AEnrightIR

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Bill Siwicki / Mobile Commerce

Want to be honored as one of the world’s best mobile retailers?

Mark Tuesday Nov. 4 on your calendar to attend a live-streaming event on tips for ...

FPO

Timothy Seward / E-Commerce

Amazon: relating to the behemoth

Learn what you can from Amazon, but don’t hand Jeff Bezos the keys to your ...

Advertisement