UPDATED 22:51 EST / OCTOBER 27 2020

amazondata SECURITY

Amazon fires employees for leaking customer information

Amazon.com Inc. has fired a number of employees alleged to have leaked customer information to unaffiliated third parties in violation of company policies.

The incident first came to light after customers started reporting receiving messages from Amazon over the weekend. The messages noted that their email addresses were disclosed by an Amazon employee to a third party, and as a result the employee has been fired and referred to law enforcement.

Just how much data was leaked, how many employees were involved and to whom the data was given was not disclosed. The messages referred to a single employee leaking data, but Amazon said in a statement to Motherboard Monday that it had fired multiple people. Bleeping Computer reported today that the leaked data may not have been limited to customers in the U.S., with account holders in the U.K. receiving messages from Amazon Canada.

Insider threats remain an ongoing issue for companies large and small. In one example, “rogue” employees at Shopify Inc. were caught stealing merchant account data in September.

“It is critical for businesses to recognize that threats from legitimate users have always been more elusive and harder to detect or prevent than traditional external threats,” Orion Cassetto, director of product marketing at security information and event management firm Exabeam Inc., told SiliconANGLE. “Organizations must be armed with the tools to prevent threats from within their walls from launching attacks.”

Noting that there are ways for companies to combat employee data theft, Bryan Skene, chief technology officer at security firm Tempered Networks Inc., commented that many organizations have chosen to adopt a zero-trust policy to counter such insider threats.

“Zero trust protects against these situations because everything — user, server or networked device — is required to establish trust first in order to communicate, even within the network perimeter,” Skene explained. “We recommend utilizing a software-defined perimeter that extends invisibility to cloud, multicloud, virtual, physical and edge environments. This provides global connectivity and mobility for entire workforces using one comprehensible policy, wherever they are, for whatever they need to reach securely.”

Photo: Pxhere

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.