Global tech and logistics giant Amazon recently fired several employees for leaking sensitive consumer data to third parties and violating company policy. The affected employees reportedly leaked customers’ email addresses.
Amazon has made attempts to contact every customer whose email address was leaked and has issued apologetic statements. This string of events took place this past week.
Amazon has not issued any informative brief about this matter. Therefore, we do not know how many email addresses of customers were compromised. However, the company has issued a statement saying, “The individuals responsible for this incident have been fired. We have referred the bad actors to law enforcement and are supporting their criminal prosecution”.
Several customers who received correspondence from Amazon are taking it to social media, especially Twitter, to voice their disdain and confusion. Customers are confused because they do not know whether they are solitary victims of this matter, or if more people are affected.
Some users received a consolation-filled email from the tech giant, saying “We are writing to let you know that your e-mail address was disclosed by an Amazon employee to a third-party in violation of our policies. As a result, we have fired the employee, referred them to law enforcement, and are supporting law enforcement’s criminal prosecution”.
VICE News obtained copies of this email over the weekend. The correspondence ends with Amazon assuring the customers that “there is no need (for you) to take action”.
Regrettably, the company has also not clarified the geographical impact of this data leak. It’s not easy to determine who is specifically affected and from which part of the world.
A Twitter user called out Amazon’s customer services and questioned why he/she, a customer in the UK, had received an email from the company’s Canadian branch. The urgency of his query is based on the exposure to risk that arises when hackers access personal emails. Specifically, hackers may decide to use the email details to execute email phishing scams.
So, what I’m trying to find out is:
Is it just my email address that’s been disclosed?
Has Amazon had a more general data breach – and have you notified relevant UK authorities?
Why is the Canadian branch notifying a UK account holder?— Routinely Rateled (@radek_ratel) October 24, 2020
In the case of this specific user, Amazon’s PR team reached out to help immediately, decreasing the possibilities of a phishing scam.
However, a data leak can be detrimental for the consumers, since it can result in a large scale cybersecurity threat. Besides, it can have debilitating effects on the Amazon brand because its cybersecurity credibility has been whittled by the attack.
