In an unfortunate coincidence, as a thematic followup to my previous post on hacking, a “throwaway” email I use, and partial credit card information of mine, has just been compromised in the recent hack of Zappos.com. Infosec Island has a good blog post about this data breach, and I was one of 24 million Zappos customers who received the email quoted in that blog post.
I’ve deleted my credit card information from Zappos, and from one other online retailer I use. To be honest, I’m not sure who else might have my sensitive information — and I bet I’m not alone in that. I’m not sure what precautions I will take in the future when shopping online, but I plan never to save my credit card information again.
Stay safe, everyone.
Some credit card companies offer a “shop safe” feature that allows one to generate a new subsidiary credit card number with a small credit limit to be used for online transactions. It has the opposite of the convenience of storing a credit card number at a site. I wonder if this isn’t how we should do all online shopping at this point.
Thanks for the comment. I have found a couple links about improving one’s password security while shopping, but given the comments of Gerrit Padgham on my previous post, your suggestion may be the way to go: assume there is no such thing as a good-enough password, and limit your risk.