Overview

• Amazon's core systems remain secure, with no customer account data affected by the breach.
• The compromised data includes employee email addresses, phone numbers, and building locations.
• The breach resulted from a vulnerability in the MOVEit file transfer system, exploited by cybercriminals in 2023.
• Threat actor 'Nam3L3ss' claims to have published the data on a hacking forum, impacting Amazon and 25 other organizations.
• Amazon emphasizes that the vendor has since patched the vulnerability, and no sensitive employee data, such as Social Security numbers, was accessed.