UPDATED 22:51 EDT / OCTOBER 27 2020

SECURITY

Amazon fires employees for leaking customer information

Amazon.com Inc. has fired a number of employees alleged to have leaked customer information to unaffiliated third parties in violation of company policies.

The incident first came to light after customers started reporting receiving messages from Amazon over the weekend. The messages noted that their email addresses were disclosed by an Amazon employee to a third party, and as a result the employee has been fired and referred to law enforcement.

Just how much data was leaked, how many employees were involved and to whom the data was given was not disclosed. The messages referred to a single employee leaking data, but Amazon said in a statement to Motherboard Monday that it had fired multiple people. Bleeping Computer reported today that the leaked data may not have been limited to customers in the U.S., with account holders in the U.K. receiving messages from Amazon Canada.

Insider threats remain an ongoing issue for companies large and small. In one example, “rogue” employees at Shopify Inc. were caught stealing merchant account data in September.

“It is critical for businesses to recognize that threats from legitimate users have always been more elusive and harder to detect or prevent than traditional external threats,” Orion Cassetto, director of product marketing at security information and event management firm Exabeam Inc., told SiliconANGLE. “Organizations must be armed with the tools to prevent threats from within their walls from launching attacks.”

Noting that there are ways for companies to combat employee data theft, Bryan Skene, chief technology officer at security firm Tempered Networks Inc., commented that many organizations have chosen to adopt a zero-trust policy to counter such insider threats.

“Zero trust protects against these situations because everything — user, server or networked device — is required to establish trust first in order to communicate, even within the network perimeter,” Skene explained. “We recommend utilizing a software-defined perimeter that extends invisibility to cloud, multicloud, virtual, physical and edge environments. This provides global connectivity and mobility for entire workforces using one comprehensible policy, wherever they are, for whatever they need to reach securely.”

Photo: Pxhere

A message from John Furrier, co-founder of SiliconANGLE:

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Join Our Community 

Click here to join the free and open Startup Showcase event.

“TheCUBE is part of re:Invent, you know, you guys really are a part of the event and we really appreciate your coming here and I know people appreciate the content you create as well” – Andy Jassy

We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.

Click here to join the free and open Startup Showcase event.