wolverine_dcp
Expert Member
- Joined
- Jul 30, 2013
- Messages
- 4,674
- Reaction score
- 26
Summary
Amazon has suffered a major data breach that caused customer names and email addresses to be disclosed on its website, just days before Black Friday.
The e-commerce giant said it has emailed affected customers but refused to give any more details on how many people were affected or where they are based.
The firm said the issue was not a breach of its website or any of its systems, but a technical issue that inadvertently posted customer names and email addresses to its website.
Customers who received the email were told: “Our website inadvertently disclosed your email address or name and email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action. The impacted customers have been contacted.”
The timing of the breach could not have been worse for Amazon due to Black Friday predominately taking place globally.
Richard Walters, chief technical officer of cybersecurity firm CensorNet, said those affected should ignore Amazons’s advice and consider changing their passwords. If the reports are correct, the information leaked – names and email addresses – is less significant than some of these other breaches, which saw card details leaked,” he said. “However, it would be wrong to assume that this makes the breach inconsequential. Cyber-criminals can do a lot of damage with a large database of names and emails.
“A large majority of people still use predictable passwords, and thanks to previous high-profile breaches many people’s passwords are also readily available on the dark web. For cyber-criminals, it then just becomes an exercise in joining the dots.”
https://www.itgovernance.co.uk/blog/amazons-data-breach-email-looks-like-a-phishing-scam
https://www.theguardian.com/technology/2018/nov/21/amazon-hit-with-major-data-breach-days-before-black-friday
Amazon has suffered a major data breach that caused customer names and email addresses to be disclosed on its website, just days before Black Friday.
The e-commerce giant said it has emailed affected customers but refused to give any more details on how many people were affected or where they are based.
The firm said the issue was not a breach of its website or any of its systems, but a technical issue that inadvertently posted customer names and email addresses to its website.
Customers who received the email were told: “Our website inadvertently disclosed your email address or name and email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action. The impacted customers have been contacted.”
The timing of the breach could not have been worse for Amazon due to Black Friday predominately taking place globally.
Richard Walters, chief technical officer of cybersecurity firm CensorNet, said those affected should ignore Amazons’s advice and consider changing their passwords. If the reports are correct, the information leaked – names and email addresses – is less significant than some of these other breaches, which saw card details leaked,” he said. “However, it would be wrong to assume that this makes the breach inconsequential. Cyber-criminals can do a lot of damage with a large database of names and emails.
“A large majority of people still use predictable passwords, and thanks to previous high-profile breaches many people’s passwords are also readily available on the dark web. For cyber-criminals, it then just becomes an exercise in joining the dots.”
https://www.itgovernance.co.uk/blog/amazons-data-breach-email-looks-like-a-phishing-scam
https://www.theguardian.com/technology/2018/nov/21/amazon-hit-with-major-data-breach-days-before-black-friday