Zappos.com

According to an entry posted on the company blog on Sunday, online shoe and clothing giant Zappos has suffered a massive security breach compromising some data on as many as 24 million customer accounts. In an email to employees, CEO Tony Hsieh said the company was attacked by "a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky." Hsieh also said the company was cooperating with authorities in an "exhaustive investigation."

Hsieh continued:

Because of the nature of the investigation, the information in this email is being sent a bit more formally, and unfortunately we are not able to provide any more details about specifics of the attack beyond what is in this email and the link at the end of this email, but we can say that THE DATABASE THAT STORES OUR CUSTOMERS' CRITICAL CREDIT CARD AND OTHER PAYMENT DATA WAS NOT AFFECTED OR ACCESSED.

Below the notice to employees, Hsieh attached the text of the email sent to customers. Zappos account holders were advised that unauthorized access had been gained to "one or more of the following: your name, e-mail address, billing and shipping addresses, phone number, the last four digits of your credit card number (the standard information you find on receipts), and/or your cryptographically scrambled password (but not your actual password)."

Customers were advised--capslock advised, no less--to "PLEASE CREATE A NEW PASSWORD," as one of the company's security measures was to go ahead and existing passwords.

Zappos also clearly anticipates a huge customer response (perhaps backlash?) to the news:

Due to the volume of inquiries we are expecting, we realized that we could serve the most customers by answering their questions by email. We have made the hard decision to temporarily turn off our phones and direct customers to contact us by email because our phone systems simply aren't capable of handling so much volume. (If 5% of our customers call, that would be over 1 million phone calls, most of which would not even make it into our phone system in the first place.)

[Zappos]

But the romance has quickly soured, as publishers push back against Apple's increasingly domineering stance to subscriptions and advertising.

Pete Kafka over at All Things D has a nice breakdown of the growing gap between publishers and Apple over subscription sales on the iPad. Kafka says that Apple has been offering the following for months.

* The ability to sell app subscriptions through iTunes.
* 70 percent of the revenue from each sale.
* The ability to offer an opt-in form for subscribers that would ask them for a limited amount of information: Name, mailing address, email address.

Hence the recent move by publishers to cozy up to Google and its Android operating system, which will be running on a slew of new tablets in 2011.

The issue, as Kafka points out, is that publishers don't want to be cut out of customer information and subscription sales that could be equally as valuable when applied to print. iPad-only projects like News Corp's The Daily won't have such hang ups.

bpopper [at] observer.com | @benpopper