Amazon Confirms Employee Data Breach
The breach, linked to the MOVEit vulnerability, exposed over 2.8 million lines of employee contact information without compromising sensitive data.
- Amazon's core systems remain secure, with no customer account data affected by the breach.
- The compromised data includes employee email addresses, phone numbers, and building locations.
- The breach resulted from a vulnerability in the MOVEit file transfer system, exploited by cybercriminals in 2023.
- Threat actor 'Nam3L3ss' claims to have published the data on a hacking forum, impacting Amazon and 25 other organizations.
- Amazon emphasizes that the vendor has since patched the vulnerability, and no sensitive employee data, such as Social Security numbers, was accessed.
Forbes 
Benzinga 
The Register 
The Verge 
BleepingComputer 
TechCrunch 