Amazon’s Technical Error Disclosed Customer Details
Amazon says “a technical error on its website disclosed customer information during the busiest shopping period of the year. The online retail giant though revealed the technical error and said it has fixed the issue and emailed all the affected customers.
An Amazon spokesman did not answer the questions, like how many people were impacted or whether any of the information was stolen. They insisted that there is ‘no need’ to take action as Black Friday approaches.
Avivah Litan, a senior analyst at Gartner, says email addresses can be used by bad actors for what’s known as phishing: contacting people by email and trying to trick them into providing additional sensitive information, like their passwords or Social Security numbers.
Despite Amazon’s assurance, cybersecurity experts have asked the customers to consider changing their passwords.
Amazon is based in Washington and will have to inform the state attorney general about the recent development involving 500 state residents or more. In Europe, in the wake of the General Data Protection Regulation (GDPR) which means strong data protection rules, it is still not clear if Amazon needs to disclose the incident.
“It is always the company’s responsibility to identify when UK citizens have been affected as part of a data breach and take steps to reduce any harm to consumers,” a spokesperson said. “The ICO will, however, continue to monitor the situation and cooperate with other supervisory authorities where required.”
To continue earning our trust, technology companies need to be forthcoming and transparent when security problems arise. Not only does that provide victims with the maximum amount of information they can use to recover and avoid future problems, but it also gives users confidence that their data is being responsibly managed no matter what happens.
People fear what they don’t understand, and for now, Amazon is failing to help the public understand what happened.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.