LAS VEGAS (AP) - Online retailers Zappos.com and Amazon.com are
being sued in Kentucky by a Texas woman alleging that she and
millions of other customers were harmed by the release of personal
account information.

Officials representing Zappos in Nevada and parent company Amazon in Seattle declined comment Wednesday on the lawsuit filed
in U.S. District Court in Louisville, Ky.

The lawsuit was filed Monday, after Zappos chief executive Tony Hsieh alerted employees and customers by email Sunday that names, phone numbers and email addresses of the shoe retailer's customer may have been accessed in a hacker attack. The company said customers' credit card and payment information weren't stolen.

Zappos urged customers to reset passwords to Zappos.com accounts and any other websites where they use similar passwords.

Zappos said the hacker gained access to its internal network and
systems through one of the company's servers in Kentucky. Zappos is
based in Henderson, near Las Vegas. It is owned by Seattle-based
Amazon.com Inc.

Attorney Mark Gray seeks class action status for plaintiff Theresa D. Stevens of Beaumont, Texas, and 24 million other customers for what Gray alleges was a violation of the federal Fair Credit Reporting Act.

Gray didn't immediately respond Wednesday to messages.

The civil negligence lawsuit seeks unspecified millions of dollars in compensatory and exemplary damages for emotional distress and loss of privacy, along with a court order for the company to pay for customer credit monitoring and identity theft insurance and periodic audits to ensure customer data is secure.

Zappos representative Diane Coffey in Boston and Amazon spokeswoman Mary Osako in Seattle said both companies have policies against commenting on litigation.

The Las Vegas Sun reported Wednesday on the case, which has been referred to U.S. Magistrate Judge James D. Moyer in Louisville.
Court records show that company lawyers haven't answered the lawsuit, and no hearing dates were immediately set.