Amazon has suffered a major data breach: the names and email addresses of customers were displayed unencrypted on their website. There are many unanswered questions: how many customers are affected? What is the reason for the breach? What will the consequences be? These are important things for customers. Amazon has stayed silent so far.
“Our website inadvertently disclosed your email address or name and email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action. The impacted customers have been contacted.” The affected customers received this message from Amazon. It is surprising that they advise users not to change passwords, when names and email addresses were publicly visible. In the case of data leaks or breaches, it’s always advisable to change your password as a precaution.
Apart from this announcement, Amazon has so far remained silent about the current situation, so it is hard to judge how serious the matter actually is. As The Register reports, a British support department even classified the Amazon message as phishing. It’s real, however, as Amazon confirms. They released a short statement: “We have fixed the issue and informed customers who may have been impacted.” That’s all – no more, no less.
More information is needed
With such data leaks, especially when they happen to one of the largest online retailers in the world, it is important to inform customers properly, in order to dispel doubts about security. On Amazon, you don’t just read your email, you shop, so you have payment information, postal addresses and similar highly sensitive data stored on their website.
If names and email addresses are already openly accessible, there is a legitimate concern that more trouble could be on the horizon. Considering, the shopping marathons Black Friday and Cyber Monday are almost upon us, Amazon should be wary of creating distrust in customers. More information about the issue and future security measures are needed.