Some Amazon customers had their names and emails “inadvertently disclosed” by the tech giant’s website due to a “technical error.”
Amazon notified the customers affected Wednesday morning, and several people posted the message on social media. Amazon confirmed the error and said it was not a data breach of any of the company’s system.
Woke up to this email from Amazon. Cool…thanks for the technical error. "There is no need for you to change your password or take any other action." Well @AmazonHelp I'm changing my password anyway. #Amazon #AmazonEmail #TechnicalError pic.twitter.com/OAheQ4MPLD
— A.C. Junior (@OfficialMisterC) November 21, 2018
Amazon's legit been sending out notices saying sorry we exposed your email address. Seems likely related to this https://t.co/21cRB2dHTk… Besides the brevity, what's giving people pause is they sign the email https://t.co/KDiteRFaeR Why cap the "a" and why no https://? Strange pic.twitter.com/mwty3GmCN1
— briankrebs (@briankrebs) November 21, 2018
Amazon issued the following statement about the situation: “We have fixed the issue and informed customers who may have been impacted.”
Ilia Kolochenko, CEO and founder of Swedish web security company High-Tech Bridge, agreed with Amazon’s assessment that the incident does not represent a data breach. Instead, to Kolochenko it looks like an “inadvertent programming error that made some details of Amazon’s profiles publicly available to random people.”
“Unfortunately, even such companies as Amazon are not immune from such omissions,” Kolochenko said. “Our IT systems become more convoluted and intricate every day, inevitably causing more human errors. Amazon’s reaction seems to be quite prompt, however an official statement would certainly be helpful to prevent any speculation and unnecessary exaggeration of the incident and its scope.”