As many as 24 million customer accounts may have been affected by a massive data breach at Amazon-owned US online retailer Zappos.com.
Chief executive, Tony Hsieh, tweeted early on Monday with a link to the "security incident email" he sent to Zappos employees. However, the firm is blocking international traffic to its site so the contents of the message cannot be viewed.
Widespread reports indicate that the hackers gained access to the firm's network via one of its servers in Kentucky.
User passwords have been reset, with users encouraged to create a new Zappos password as soon as possible and to change their log-ins on any third-party site where they use similar passwords.
Customer names, email addresses, phone numbers, shipping and billing addresses and the last four digits of their card numbers may have been among the compromised details.
In an unusual move, the firm not only blocked all international traffic to its site but temporarily turned off its customer facing telephones and instead urged any concerned customers to direct their queries by email.
"We have made the hard decision to temporarily turn off our phones and direct customers to contact us by email because our phone systems simply aren't capable of handling so much volume," Hsieh reportedly wrote in the email.
"If five per cent of our customers call, that would be over one million phone calls, most of which would not even make it into our phone system in the first place."
The database, which holds credit card and other payment data, was reportedly unaffected by the breach.
Zappos is the first online retailer to be hit by a largescale cyber attack on its systems in 2012, but is unlikely to be the last. Cyber criminals seemed to up their game in 2011 and exposed the sometimes basic security measures put in place by their victims, often by exploiting known or easily remedied flaws in web applications.
Sony, in particular, was found wanting, with a huge breach of more than 70m records, from which the company is still recovering.
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software