Amazon blamed a technical error for a glitch that inadvertently displayed the names and email addresses associated with users accounts on its website. Though the online retail giant did not provide specific details about the incident that occurred ahead of Black Friday deals, it already began notifying affected customers by email. If you haven’t received communications from Amazon, you’re likely not affected by this technical error.
“We have fixed the issue and informed customers who may have been impacted,” Amazon said in a statement. Amazon has so far not revealed how many email addresses were affected, where the breach occurred, or how long the breach was active before Amazon implemented the fix. “Twitter users across Europe and the United States have reported receiving the email, and forum posts suggest that the error affected consumer rather than business accounts on the platform,” The Verge reported. Additionally, members of Amazon Vine review programs may have also been affected, according to The Telegraph.
If you have received notification from Amazon, the online giant claims that the glitch has been fixed and that you do not need to take any action. Because Amazon’s initial email contained a link on the bottom with an “http” — not an “https” — address and offered very little details surrounding the breach, customers who received the email thought it was a scam, but Amazon later confirmed the email was legitimate. Since Amazon claims that neither its system nor its website was breached, according to ZDNet, users do not have to worry about changing their passwords. However, because the breach exposed a user’s email address, Amazon customers affected by the breach may be more at risk for phishing attacks and spam in the future.
It’s unclear at this time if Amazon had reported the breach to local law enforcement authorities. It appears, at least from what Amazon is disclosing, that this latest breach is unrelated to an earlier breach in October that similarly exposed the email addresses of Amazon’s customers. Amazon revealed that its October breach was a result of a few of its employees selling customer information with a third party. In that breach, Amazon claimed that it fired the responsible employees and was working with law enforcement officials.
