Black Friday surprise: Amazon data breach exposes customer email addresses - Metro US

Black Friday surprise: Amazon data breach exposes customer email addresses


It was not the Black Friday event Amazon customers were expecting.

Two days before the biggest shopping day of the year, Amazon suffered a major data breach: The names and email addresses of hundreds of customers were accidentally published on the site.

Spokespeople for the online retail giant said the company wasn’t hacked; the exposed information was due to an internal technical glitch.

Multiple news outlets reported that Amazon spokespeople wouldn’t say how many customers were affected or whether the information was stolen. In a short statement, the company said, “We have fixed the issue and informed customers who may have been impacted.”

According to the Guardian, customers who received those emails were told: “Our website inadvertently disclosed your email address or name and email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action. The impacted customers have been contacted.”

The company added: “Amazon takes all security-related matters very seriously and your account security is our top priority. We have policies and security measures in place to ensure that your personal information remains secure.”

However, an expert says that anyone affected by the breach should ignore Amazon’s advice and change their passwords immediately.

“If the reports are correct, the information leaked — names and email addresses — is less significant than some of these other breaches, which saw card details leaked,” said Richard Walters, chief technical officer of the cybersecurity firm CensorNet. “However, it would be wrong to assume that this makes the breach inconsequential. Cyber-criminals can do a lot of damage with a large database of names and emails. A large majority of people still use predictable passwords, and thanks to previous high-profile breaches many people’s passwords are also readily available on the dark web.”

For Amazon, the incident adds to a rollercoaster of a year. Bain & Co. predicts that the retailer will ring up half of all online sales in 2018. But last week’s announcement of the winners of its HQ2 contest was criticized as a foregone conclusion involving unnecessarily large subsidies: 283 cities competed to score Amazon’s next headquarters, with New York City and Washington, D.C., ultimately securing 25,000 jobs each.

New York City will offer Amazon $3 billion in city and state tax incentives and grants, contingent on the company creating 25,000 jobs at its new Long Island City site. Amazon said the average annual salary there would be $150,000.

But at a Queens community board meeting on Tuesday, city officials who brokered the deal said that half the jobs will not be in tech. They will include administrative and custodial positions, among others.

Amazon stock closed up 1.42 percent on Wednesday, with .2 percent added in after-hours trading.

More from our Sister Sites