Amazon Employee Information Compromised in Recent Vendor Cyber-Attack
“`html
Amazon Confirms Employee Data Breach After Vendor Hack
In an alarming development, global e-commerce giant Amazon has confirmed a significant data breach that exposed sensitive employee information.
The breach appears to have emanated from a cyber attack on MOVEit, a secure file transfer system in May 2023.
Hack Detailed
The breach came to light after details purportedly stolen from MOVEit started surfacing on various hacktivist forums.
Investigations by independent cybersecurity researchers traced the posted dataset back to Amazon, revealing that a significant volume of the company’s employee data had potentially been compromised.
Amazon’s Response
Amazon swiftly acknowledged the breach, revealing that it primarily affected non-customer data. “We’re currently investigating the incident and ensuring the safety of our systems and data.
At this stage, it largely involves our employees’ data, and we’ve yet to find any evidence of customer information being affected,” said an Amazon spokesperson.
Business Vendor Attacks: A Rising Threat
Incidents like the MOVEit attack underline a rising trend of adversaries targeting business vendors to access larger organisations’ data.
Other prominent examples of such supply chain attacks include the SolarWinds hack and the more recent Kaseya ransomware attack. (source)
Advice for Professionals
As a cybersecurity professional, it’s of utmost importance to ensure the security of not only your own network, but also your business partners’.
Vendors and third-party service providers can often serve as entry points for cybercriminals.
Conducting regular security audits, enforcing strict security policies, and utilising a zero-trust security model are effective measures to thwart such threats.
Follow-Up Reading
- Krebs on Security: U.S.
Treasury, Commerce Depts.
Hacked Through SolarWinds Compromise
- Reuters: What we know about the impact of the Kaseya ransomware attack
- ZDNet: Zero Trust: What it is and why it matters
“`