Skip to main content

Amazon breach exposes an unknown number of email addresses

Amazon blamed a technical error for a glitch that inadvertently displayed the names and email addresses associated with users accounts on its website. Though the online retail giant did not provide specific details about the incident that occurred ahead of Black Friday deals, it already began notifying affected customers by email. If you haven’t received communications from Amazon, you’re likely not affected by this technical error.

“We have fixed the issue and informed customers who may have been impacted,” Amazon said in a statement. Amazon has so far not revealed how many email addresses were affected, where the breach occurred, or how long the breach was active before Amazon implemented the fix. “Twitter users across Europe and the United States have reported receiving the email, and forum posts suggest that the error affected consumer rather than business accounts on the platform,” The Verge reported. Additionally, members of Amazon Vine review programs may have also been affected, according to The Telegraph.

If you have received notification from Amazon, the online giant claims that the glitch has been fixed and that you do not need to take any action. Because Amazon’s initial email contained a link on the bottom with an “http” — not an “https” — address and offered very little details surrounding the breach, customers who received the email thought it was a scam, but Amazon later confirmed the email was legitimate. Since Amazon claims that neither its system nor its website was breached, according to ZDNet, users do not have to worry about changing their passwords. However, because the breach exposed a user’s email address, Amazon customers affected by the breach may be more at risk for phishing attacks and spam in the future.

It’s unclear at this time if Amazon had reported the breach to local law enforcement authorities. It appears, at least from what Amazon is disclosing, that this latest breach is unrelated to an earlier breach in October that similarly exposed the email addresses of Amazon’s customers. Amazon revealed that its October breach was a result of a few of its employees selling customer information with a third party. In that breach, Amazon claimed that it fired the responsible employees and was working with law enforcement officials.

Editors' Recommendations

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
Amazon tweaks in-garage delivery option, so now you might have to pay
amazon tweaks in garage delivery to make it less convenient

Amazon will soon start adding a small fee for Prime members using its In-Garage Delivery option unless the delivery is made on the customer’s designated Amazon Day.

In-Garage Delivery does what it says on the tin, with the delivery person placing the package in a more secure location that's out of view of porch pirates, while also protecting it from bad weather.

Read more
Amazon makes it harder for non-Prime members to get free delivery
Amazon logo on the headquarters building.

Amazon is constantly adjusting its delivery costs for its online shoppers, whether they’re Prime members or not.

The latest change, which came this week and affects non-Prime members, will see the minimum purchase cost for free shipping increase to $35 in a number of markets, according to notices on its website that were spotted by CNBC.

Read more
Amazon expands use of generative AI to summarize product reviews
An AI-generated review highlight on Amazon's website.

Amazon is rolling out the use of generative-AI technology to summarize customer product reviews on its shopping site.

It follows several months of testing the feature, which is designed to help speed up the shopping experience for those who don’t want to spend a long time trawling through endless reviews.

Read more