Amazon hit by unexplained data leak just days before Black Friday

Amazon is the 'white whale' when it comes to hackers targeting online retailers

Anthony Cuthbertson
Wednesday 21 November 2018 18:20
comments

Amazon has suffered a customer data leak less than two days before Black Friday.

Amazon customer service contacted people to warn them that their names and email addresses had been compromised, though it is not yet clear how many customers were affected or how it happened.

An Amazon spokesperson told The Independent: “We have fixed the issue and informed customers who may have been impacted.”

The customer message stated: "We're contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error.

"The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action."

The fact that only names and email addresses were affected makes the information leaked less significant than some other data breaches where credit card details have been exposed.

Cyber security experts warn that despite the limited nature of the data leak, customers should still be weary about how it can be used.

"Cyber criminals can do a lot of damage with a large database of names and emails. The greatest risk is of brute force attacks - where criminals use a leaked email address and common password combinations to try and break into other personal accounts," Richard Walters, chief technology officer of CensorNet, wrote in an email to The Independent.

"A large majority of people still use predictable passwords, and thanks to previous high-profile breaches many people's passwords are also readily available on the dark web. For cyber criminals, it then just becomes a exercise in joining the dots. This risk is amplified by the fact that many people also use their work email addresses for personal accounts or services such as Amazon"

Mr Walters described Amazon as the "white whale" when it comes to e-commerce companies, meaning it is a constant target for hackers.

Advice for any Amazon customer affected, or anyone concerned they might have been, is to change their passwords as a matter of priority on all online services that they use, both work and private.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments