Featured Research

from universities, journals, and other organizations

Zappos breach goes beyond credit cards: Consumers face identity theft if hackers correlate other penetrated databases

Date:
January 18, 2012
Source:
Cornell University
Summary:
An expert comments on the Zappos web site breach by hackers. He said that information about a customer can be used to 'de-anonymize' other databases on other Web sites, further invading customer privacy.

Stephen B. Wicker, Cornell professor of Electrical and Computer Engineering at Cornell University, comments on the Zappos web site breach by hackers.

Wicker conducts research in wireless information networks. He focuses on networking technology, law, and sociology, and how regulation can affect the privacy and speech rights. He is the author of the book "Cellular Convergence and the Death of Privacy," to be published by Oxford University Press at the end of 2012.

He says: "Though Zappos has not stated how security was breached, this event is a reminder that security is not a fix or an overlay, it is an ongoing process that must be intrinsic to the design and maintenance of an Internet presence.

"Zappos said that credit card information was not stolen, but acknowledged that email addresses, billing and shipping addresses, phone numbers, and the last four digits from credit cards may have been compromised. This is a lopsided outcome for the customer.

"The bigger problem Zappos faces is that large databases of consumer information can be used for identity theft. As Zappos acknowledged, users who use the same or similar passwords are at risk of theft through access to other sites such as Amazon or Ebay.

"More generally, information about a customer can be used to 'de-anonymize' other databases on other Web sites, further invading customer privacy. Correlation attacks enabled by such data have been shown to strip anonymity from NetFlix, AOL and other databases that were assumed safe. Thus, the information used can include customer preferences, beliefs and practices that are far harder to change than a credit card number.

"Zappos' response is admirable for its forthrightness and immediacy, but this is a reminder of the risk run when online service providers maintain databases of user data. This is a practice that many, many web site and service providers engage in for convenience and, in some cases, for profit. This is a practice that a networked society cannot afford for the long term if individual privacy is to be preserved."


Story Source:

The above story is based on materials provided by Cornell University. Note: Materials may be edited for content and length.


Cite This Page:

Cornell University. "Zappos breach goes beyond credit cards: Consumers face identity theft if hackers correlate other penetrated databases." ScienceDaily. ScienceDaily, 18 January 2012. <www.sciencedaily.com/releases/2012/01/120118122829.htm>.
Cornell University. (2012, January 18). Zappos breach goes beyond credit cards: Consumers face identity theft if hackers correlate other penetrated databases. ScienceDaily. Retrieved July 31, 2014 from www.sciencedaily.com/releases/2012/01/120118122829.htm
Cornell University. "Zappos breach goes beyond credit cards: Consumers face identity theft if hackers correlate other penetrated databases." ScienceDaily. www.sciencedaily.com/releases/2012/01/120118122829.htm (accessed July 31, 2014).

Share This




More Computers & Math News

Thursday, July 31, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services


Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:

More Coverage


Consumers Should Be Vigilant in Wake of Zappos Cyberattack

Jan. 18, 2012 As an estimated 24 million Zappos.com customers begin receiving notifications that some of their personal data have been compromised, an expert is warning those affected to be on the lookout for ... read more
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

    Environment News

    Technology News



      Save/Print:
      Share:

      Free Subscriptions


      Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

      Get Social & Mobile


      Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

      Have Feedback?


      Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
      Mobile: iPhone Android Web
      Follow: Facebook Twitter Google+
      Subscribe: RSS Feeds Email Newsletters
      Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins