Zappos breach is a lesson
The network breach of Zappos should be a lesson for consumers everywhere. The reason I say this is because Zappos isn’t any fly by night flash in the pan Internet retailer. They are owned by none other than THE Internet retailer Amazon.com. Therefore, you would hope their security would be about as good as it gets. Even so, they were infiltrated and the names, emails, phone numbers, addresses and partial credit card numbers of their 24 million customers were compromised.
What lesson can you take from this? The lesson is that you can’t trust ANYONE to keep your data secure. You can’t trust Zappos, you can’t trust Amazon, you can’t trust Google, and you can’t trust Facebook. Just because they say they won’t release your information does not mean that it won’t get released. This doesn’t mean you can’t protect yourself to some extent, it just means you can’t rely on them to protect you.
There are some steps you can take to make yourself more secure online.
The first thing you can do is use a disposable email account for web shopping. You should do this anyway because of all the spam online retailers, even legitimate ones, will send you. Buying a $3 item from an online retailer subjects you to their spam for life unless you navigate their website to find out how to turn it off. By using a separate email account for this type of activity, it keeps your primary account clean, even if something like this Zappos breach occurs.
The second thing you can do is use disposable credit card numbers. Bank of America, for example, has shop safe. I am sure by now most credit card companies have a similar service. If you buy something online, you can go to their website and request a temporary disposable credit card number for the amount of the transaction. You use this number to make your purchase and that’s it. That is all that card is good for. If someone hacks into a retailer’s website and steals all the information contained there, including your credit card number, you don’t really care, because they number isn’t valid anymore anyway.
The third thing you can do is use unique passwords at any website you use. Ideally they should be totally unique, in which case you can keep track of them with a program used for such a purpose. Personally, I use KeePass. I have used it for years and years. It works well, keeps your passwords in a secure encrypted file, and they even have a version for Android, so if you have an Android device, you can just use that. If you simply can’t be bothered with that, then use some kind of formula that you can remember the 1st , 3rd, and fifth 5th characters of the domain name of the website, a # character, your birthdate, and your grandmothers initials. You can use such a formula, whatever you come up with, on any website you visit so you will always know your password even though you will have a different password for every site. It isn’t as secure as having a totally unique unrelated password for every website, but it is a lot more secure than using the same password on every site.
The fourth thing you can do is use a virtual phone number. Keep your real phone number private and use a Google Voice number, or something similar, for everything else. The number is free. If it gets compromised, you can either get a new one, or simply let all calls to that number go to voicemail.
By taking some simple preventative measures such as these, you can make the possibility that you will become a victim in the case of a security breach by an online retailer less likely.