Through a letter sent via email, Amazon announced the dismissal of some employees identified as responsible for leaking some customers’ data, including their email addresses, information that was shared with a third party without any relationship with the company.
A few days ago multiple users began complaining via Twitter due to Amazon’s alert about personal data leakage. The main doubt of the users was whether only a limited number of users had been the victim of this incident or whether it was a general situation.
Over the weekend, Amazon continued to receive requests for information about the security of its users’ sensitive information.
The notification sent by the company is brief but generally reports the situation: “We wrote to inform you that your email address was disclosed by one of our employees to a third party, in a clear violation of our policies. The employee has been dismissed and referred to the relevant authorities; no other information in your account was disclosed and this incident is not the result of an attack on our systems. You do not need to take any additional action. We apologize for the incident.”
An Amazon spokesperson reported that the company will continue to support law enforcement agencies in investigating the incident, although no further details such as the number of affected users were added. Internal threats remain one of the most notorious threats to large technology companies. A few weeks ago, Shopify suffered a data breach that affected 200 e-commerce sites because one of its staff members decided to sell this information. In August of this year, a Russian citizen attempted to hire an employee of Tesla’s subsidiary in an extortion effort, “to convince him to implement an unknown malware strain on the company’s computer network.”
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.