I received an email from Amazon last night informing me they leaked my email. It's clear they had a security breach but they are not forthcoming with any other information. It's terrible timing for them with Black Friday approaching but this disclosure is not very comforting.


"We're contacting you to let you know that our website inadvertently disclosed your email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.


Sincerely,
Customer Service
http://Amazon.com"

I found one source confirming the security breach but Amazon was not forthcoming with any additional information about the breach of their system.

https://www.bleepingcomputer.com/news/security/amazon-data-leak-exposes-email-addresses-right-before-black-friday/

I got the same email.

Nothing here.

Nope

Nada here

Eh. Wait for their next email where your credit card info was compromised.

I got it. They seemed to be a lot more relaxed about it than I am.

And suddenly I have 3 emails from people wanting me to write product reviews in exchange for their crappy products. I just don't need another makeup mirror.

Nothing received and my wife buys stuff thru amazon frequently.

Beware of scammers & fisching emails. Log into your account to question that “amazon” email DoNot respond to that email by replying or clicking on any link.
The same goes for any security breach emails from supposedly “iTune or Apple” or any other such type email.
Be smart and don’t fall for any of this crap that seems to be on the increase this time of year,and try to inform & educate your elders not to fall for theses.

I contacted Amazon immediately after I received their email . Amazon is doing all they can to prevent this from damaging their business and they are not going to release anything else. They are trying to cut their losses with minimal notifications and a minimal release to those affected by the leak/breach. Amazon is not responding to anyone else and they have been contacted by multiple media sources about their system breach.

https://www.pcmag.com/news/365070/amazon-leaks-customer-names-and-email-addresses

https://www.zdnet.com/article/amazon-leaks-users-email-addresses-due-to-technical-error/

https://www.msn.com/en-us/news/us/how-to-tell-if-the-amazon-leak-exposed-your-email-and-name-to-the-public/ar-BBPXkwX

I contacted Amazon immediately after I received their email . Amazon is doing all they can to prevent this from damaging their business and they are not going to release anything else. They are trying to cut their losses with minimal notifications and a minimal release to those affected by the leak/breach. Amazon is not responding to anyone else and they have been contacted by multiple media sources about their system breach.

https://www.pcmag.com/news/365070/amazon-leaks-customer-names-and-email-addresses

https://www.zdnet.com/article/amazon-leaks-users-email-addresses-due-to-technical-error/

https://www.msn.com/en-us/news/us/how-to-tell-if-the-amazon-leak-exposed-your-email-and-name-to-the-public/ar-BBPXkwX

I've received notices from Amz before, however this one was a no show. So whether they actually sent it or not, seems like it's running 50/50 on the forum

I saw something about it in the tech news, but I have received no contact from Amazon about being affected by it...and I've received 8 emails from them in the past 2 days about other shhhtuff.

They are saving money by only telling half the customers because they know the other half will find out for free.

No email here.. are you sure it's from Amazon and it's not a fishing expedition?

Not here either.

No email here.. are you sure it's from Amazon and it's not a fishing expedition?

It's easy to verify, send the email to amazon's security dept. They handle that all the time.

Bottom line is, when ever there's a questionable contact. Get with said business to verify authenticity.

Eh. Wait for their next email where your credit card info was compromised.


I contacted Amazon immediately after I received their email . Amazon is doing all they can to prevent this from damaging their business and they are not going to release anything else. They are trying to cut their losses with minimal notifications and a minimal release to those affected by the leak/breach. Amazon is not responding to anyone else and they have been contacted by multiple media sources about their system breach.

https://www.pcmag.com/news/365070/amazon-leaks-customer-names-and-email-addresses

https://www.zdnet.com/article/amazon-leaks-users-email-addresses-due-to-technical-error/

https://www.msn.com/en-us/news/us/how-to-tell-if-the-amazon-leak-exposed-your-email-and-name-to-the-public/ar-BBPXkwX

These hack/breech notifications always follow the same trend. They start small with something like "We regret to inform you...but we do not believe you are at any risk". Then more information comes out from a couple of weeks to a couple of months later which states that the breech was larger than they initially thought and X million individuals were effected and may be at moderate risk. Then another notification (usually through the press) which indicates XX million effected with potentially serious risk.. Then, finally, a last notification (always through the press) which indicates several XXX million effected and the company is still trying to identify the degree of risk to individuals. It seems that companies and the .fed all believe that using this system of incrementally identifying how bad the breech was will have a lessor impact on them as people gradually accept that it occurred. Most sheep fall for it.

What you never hear these companies tell you is exactly WHEN the breech occurred and WHEN they discovered it. The average cyber breech takes 6 months to discover. One of the largest breeches which came to light by the public a few years back took 34 months to discover. It took them months to publicly divulge that it occurred - all so they could implement their plan forward.

With those who hold your Personally Identifiable Information (PII) having so much trouble keeping it protected you really don't have a chance to avoid having it released. It's so bad that you could stop shredding any of your PII containing documents and you wouldn't noticeably increase your risk (don't do that by the way).

No email here.. are you sure it's from Amazon and it's not a fishing expedition?


While some had speculated the email was some-sort of scam, largely due to the inclusion of an HTTP, rather than HTTPS link at the bottom, Amazon has confirmed the breach, saying in a statement given to INQ: "We have fixed the issue and informed customers who may have been impacted."

However, the firm is remaining tight-lipped on crucial details, such as the cause of the breach and how many customers have been affected. It's also unclear whether it's been in touch with relevant authorities, such as the UK's Information Commissioner's Office.

It's real. And it's not just in the US.