Amazon said employee data was compromised after a “security incident” at a vendor, and employee information could be at the root of the data breach. as Amazon spokesman Adam Montgomery confirmed “Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations”.
The news comes after a well-known hacker and threat actor claimed to have posted stolen Amazon data on BreachForums website. It also claimed to have over 2.8 million lines of data, which it says were stolen during the MOVEit Transfer breach, which was ranked as the largest breach in 2023.
Amazon declined to say how many employees were affected by the breach. Also noted that the unnamed third-party vendor did not have access to sensitive data such as Social Security numbers or financial information, and said the vendor had fixed the vulnerability responsible for the data breach.