In an entry posted on its website, Zappos CEO Tony Hsieh on Sunday night told employees via email that the company was recently the victim of a cyber attack that may have compromised more than 24 million customer accounts.
According to Hsieh, "the database that stores our customers' critical credit card and other payment data was not affected or accessed."
An email that was scheduled to be sent to Zappos customers says:
"there may have been illegal and unauthorized access to some of your customer account information on Zappos.com, including one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password)."
Zappos said it has expired and reset customers' passwords so they can be reset.
Read the message from Zappos CEO Tony Hsieh and the email being sent to customers HERE.