Imagine your name, e-mail address, billing and shipping information, phone number, and the last four digits of your credit card number in the hands of crooks.
If you're one of the 24 million zappos.com shoppers you'll be getting an email from the company's CEO.
The good news is that entire credit card numbers were not stolen because they're stored somewhere else.
CEO Tony Hsieh says Zappos voided and reset customer passwords so new ones can be created. His e-mail to customers includes a link and instructions.
It also urges customers to change their passwords just to be safe, especially if they use the same or similar password at any other site.
Hackers attacked Zappos servers in Kentucky and now the company's working with police to try and catch the crooks.
Zappos says it has shut down its phone lines so it can have its entire staff take customer questions online.
You may recall the largest security breach was when Sony's system was hacked, compromising the information of more than 75 million PlayStation customers.