Zappos has set up a special Web page for customers to visit and change the password: http://www.zappos.com/passwordchange.

Anticipating a flood of customer service calls in response to the notification e-mail, Zappos is taking the unusual step of turning off its customer service telephone lines and forcing consumers with questions to send them in via e-mail.

"Due to the volume of inquiries we are expecting, we realized that we could serve the most customers by answering their questions by email," Hsieh said in a note to employees, also posted on the firm's Web page. "We have made the hard decision to temporarily turn off our phones and direct customers to contact us by email because our phone systems simply aren't capable of handling so much volume. (If 5% of our customers call, that would be over 1 million phone calls, most of which would not even make it into our phone system in the first place.) "

Hsieh said the firm would have "all hands on deck," to help customers with questions.

Judged by the number of customers impacted, Zappos' data breach is among the biggest thefts of customer information ever, but still considerably smaller than last year's incident involving the Sony Play Station Network, which reportedly impacted 77 million customers.

Hsieh struck an apologetic tone in both the e-mail to consumers and the memo to staff.

"We've spent over 12 years building our reputation, brand, and trust with our customers. It's painful to see us take so many steps back due to a single incident," he said in the memo. "I suppose the one saving grace is that the database that stores our customers' critical credit card and other payment data was not affected or accessed."

Story here: Zapped

korg