Zappos Hacked

Zappos was hacked over the weekend exposing user accounts, email addresses, and the last 4 digits of credit card numbers.  The one "good" (if it can be called that) thing about this was that the database server with full credit card numbers were not compromised.  The user passwords were stored cryptographically, but as anyone with knowledge about cryptography knows;  if you know the algorithm, have the ciphertext, and have time you can decrypt it.  So, I applaud them forcing all users to change their passwords and suggesting that, if you use the same default password for other sites as well, that you change that too.

http://redtape.msnbc.msn.com/_news/2012/01/16/10163952-zappos-says-hacker-may-have-accessed-info-on-24-million-customers?ocid=ansmsnbc11