skip to content

Amazon confirms security breach where employee data of millions was leaked

Amazon has confirmed a significant data breach involving information from 2.8 million employees, which was recently exposed on a crime-focused forum.

According to 404 Media, while Amazon’s core systems remain secure, the breach occurred through a third-party vendor responsible for managing the company’s property details.

The leaked data reportedly includes employee names, work contact information, and office locations. The details appeared on Breach Forums, which attributed the data source to MOVEit, a suite of cloud-based data management tools that consisted of over 2.8 million lines of data.

Amazon has clarified that critical internal systems, such as AWS, were unaffected. Instead, the breach originated from a security incident at the property management vendor, which stored limited employee information.

The compromised data consists of work-related details like email addresses, desk phone numbers, and building locations. Crucially, Amazon assured that no sensitive personal data, such as Social Security numbers, government identification, or financial information, was accessed.

The company also confirmed that the vendor promptly resolved the security vulnerability.

The breach first came to light when cybersecurity firm Hudson Rock shared details on social media, highlighting the incident’s potential impact. The situation appears to be part of a broader series of security incidents linked to MOVEit.

VX Underground, a well-known information security platform, pointed out that the breach is the latest in a string of attacks related to vulnerabilities in MOVEit’s software.

Progress Software, the company behind MOVEit, referenced an earlier zero-day vulnerability in MOVEit Transfer disclosed last year, hinting that the current breach might not involve a newly discovered flaw.

This incident adds to growing concerns over MOVEit’s security, as multiple organisations rely on the tool for managing sensitive information. As the investigation continues, scrutiny will likely increase over how Amazon and the affected vendor handle data security and the measures taken to prevent future breaches.

Share your love
Facebook
Twitter
LinkedIn
WhatsApp

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

error: Unauthorized Content Copy Is Not Allowed