Amazon blames ‘technical issue’ for exposing customer names and email addresses
Amazon.com Inc. has exposed customer names and email addresses in a data breach they are describing as a “technical error.”
The e-commerce giant started emailing customers affected on Tuesday, saying only that the issue has been fixed and that the affected customers did not need to change their passwords.
Amazon confirmed the “technical error” in a statement, confirming that the contents of the emails sent out and shared on social media were accurate but declined to provide any further information such as what the technical error consisted of or how many customers it may have affected.
Amazon's legit been sending out notices saying sorry we exposed your email address. Seems likely related to this https://t.co/21cRB2dHTk… Besides the brevity, what's giving people pause is they sign the email https://t.co/KDiteRFaeR Why cap the "a" and why no https://? Strange pic.twitter.com/mwty3GmCN1
— briankrebs (@briankrebs) November 21, 2018
Amazon’s U.K. office was a little more forthcoming than the head office in Seattle, telling The Register that the issue “wasn’t a breach in the sense of a hack while maintaining that the snafu is an inadvertent technical error.”
The same report noted that the Information Commissioner’s Office, the U.K. office in charge of compliance to the reporting provisions of the EU General Data Protection Regulation, seemed to indicate that it had not been informed of a data breach by Amazon, something that is required under the regulation.
“It is always the company’s responsibility to identify when U.K. citizens have been affected as part of a data breach and take steps to reduce any harm to consumers,” the office noted. “The ICO will, however, continue to monitor the situation and cooperate with other supervisory authorities where required.”
Carl Wright, chief executive officer at AttackIQ Inc., told SiliconANGLE that exposure of any type of customer data is an issue and organizations should always have a plan for continuously assessing the viability of their security controls.”
“For a company that claimed half of all online sales through Black Friday 2017 and amassed over $1 billion in sales, allowing customer emails to be exposed could affect sales, especially when competitors like Target, Walmart and Best Buy made strong pushes in e-commerce around last year’s Black Friday and Cyber Monday deals,” Wright added.
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.