Amazon joins the BBC and Sony in the list of organisations affected by the Moveit file transfer system.
Amazon has announced that data relating to some of its employees has been stolen by a hacker.
According to 404 Media, the breach exposed information linked to the employees, which ended up on the hacking website BreachForums.
Hudson Rock, a firm which specialises in cybersecurity, has said that the threat actor, operating under the pseudonym ‘Nam3L3ss’ claims to have published data allegedly stolen from a total of 25 major organisations.
In the case of Amazon, Nam3L3ss alleges that they are in possession of more than 2.8m lines of data, which they say was stolen during last year’s mass-exploitation of Moveit transfer.
According to antivirus company Emsisoft, the Moveit hack has affected more than 95m individuals as of June 2024.
In a statement to SiliconRepublic.com, an Amazon spokesperson said: “Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.
“The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations.”
The spokesperson also stated that the vendor impacted by the breach does not have “sensitive employee information” such as social security numbers, government identification, or financial information and that the security vulnerability responsible for the event has been fixed.
According to TechCrunch, Amazon declined to specify exactly how many employees were impacted by the breach.
Potential solutions to data being stolen
It should come as no surprise then that data breaches are fast becoming a notable concern, not just for the average internet user, but for several companies and even government bodies worldwide.
Spencer Starkey, executive VP of EMEA at cybersecurity group SonicWall, provided SiliconRepublic.com with his thoughts following the theft of data at Amazon.
Starkey explained: “These recent incidents prove that everyone is vulnerable to cyberattacks. Data has become an incredibly valuable asset to businesses and governments, resulting in the marketisation of data.
“The sheer number of attacks the average customer can experience daily, forces organisations of all sizes to automate detection solutions, to identify and halt any attack before it enters the system.”
He added: “Solutions like multi-engine cloud sandbox capability provide an additional layer to protect employees whether in the office or at home, ultimately mitigating and reducing the opportunity for exploitation.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.