Save the Data
Zola handles massive wedding registry breach in worst way possible
“This is the most important day of people’s lives and a huge breach of trust.”
The popular wedding registry website, Zola, is attempting to put out multiple fires following what appears to be a massive data breach of its customers’ credit card and personal data. According to multiple statements via Twitter, both the company’s website and app went down over the weekend. “If you’ve experienced any irregular activity, we will make sure any issues are reconciled. Please know we’re committed to protecting all personal information,” one tweet reads, later continuing, “We took immediate action & after investigating, we can report that all funds, credit cards and bank info continue to be protected.”
Although Zola’s website appears to be functional at the time of writing, numerous people have recounted unsettling, massive financial losses and data breaches. “My wife’s bank account had thousands of dollars drained and is now overdrawn -$700. She has yet to hear back from the support email she sent on Saturday and cannot get in touch with anyone via phone,” one person responded, with another claiming that they have lost almost $4,000 and only heard about Zola’s Twitter response through Googling it.
“Some acknowledgment and confirmation that it will be handled via email is the bare minimum,” they continued. “Please send some form of communication that’s not Twitter, Zola.”
An ongoing issue — Despite Zola’s claims that the company is working to remedy the situation, many other customers are reporting that they can’t log back onto their accounts after attempting to reset their passwords following the data breach’s announcement. Likewise, people are reporting that Zola’s customer service phone lines and email support are still unresponsive as of earlier today.
As of yet, there does not seem to be an official press release from Zola regarding what sounds like a vast and financially devastating hack — only these brief Twitter threads and their updates. The extent of the breach is yet to be known, although it sounds like the company is having a difficult time even restoring its website and app to fully working condition.
“This is the most important day of people’s lives and a huge breach of trust,” one response to the company reads.
UPDATE: A spokesperson for Zola emailed Input, saying it was “able to block the attempt, and no cash was lost” by couples using the site. Zola also claims that the breach impacted “less than 0.1% of registered couples,” and that credit card and banking info was never exposed to malicious actors. “We know that planning a wedding is stressful enough and we are deeply sorry if this has added to that. We take the security of your information very seriously and out of an abundance of caution, we have reset all user passwords and notified all registered users.”