Security

Amazon ‘Error’ Exposes Countless Customer Emails

Amazon is remaining tight-lipped after sending an email to an unknown number of customers revealing that a ‘technical error’ disclosed their email address.

There has been no further information from the online giant about the incident except to confirm that it had been fixed and that all affected customers had been informed.

The email itself, tweeted many times by concerned customers, claimed: “Our website inadvertently disclosed your email address due to a technical error.”

It went on to say: “This is not a result of anything you have done, and there is no need for you to change your password or take any other action.”

However, the information vacuum has led to speculation over the email.

One user, @PogoWasRight, branded the outreach “unsatisfactory.”

“For how long was my email address exposed? To whom was it exposed? The whole world? How did it wind up exposed? Could anyone seeing it also see orders linked to that email address?” they asked on Twitter.

Several other users complained that it appeared like a phishing email because of inconsistencies. For example, it’s not personalized and is signed off with “http://Amazon.com” — which is an insecure site, with an unusually capped “A.”

Researcher Brian Krebs has suggested the incident may be related to reports in early October of an Amazon employee being fired after sharing customer email addresses with an outside seller on its platform.

As the issue relates to Amazon.com, it’s unlikely to affect European citizens, but if that’s a possibility the firm would have had to come clean to the authorities of any serious breach within 72-hours of discovery.

The incident couldn’t have come at a worse time for the e-commerce giant, just as Americans head into the Thanksgiving holidays when the online retailer will hope to make a fortune on the back of Black Friday and Cyber Monday.

Articles You May Like

New Russian-Linked Malware Poses “Immediate Threat” to Energy Grids
Smart contract benefits and best practices for security
Digital security for the self‑employed: Staying safe without an IT team to help
Advanced Phishing Attacks Surge 356% in 2022
TechCrunch+ roundup: South Korea investor survey, 1-hour board meetings, venture leasing basics

Leave a Reply

Your email address will not be published. Required fields are marked *