Users report receiving email from e-commerce giant Amazon about leaked data.
Amazon has reportedly reached out to an unspecified number of users to inform them that a technical error saw the website disclose their names and email addresses.
The company has denied there has been a data breach of its website ahead of the pivotal Black Friday and Cyber Monday sales.
In a curt email to a number of its customers, Amazon said: “We’re contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.” It is signed off by Customer Service.
The e-commerce giant has made no other statement beyond the email.
Is the Amazon email legit?
Amazon's legit been sending out notices saying sorry we exposed your email address. Seems likely related to this https://t.co/21cRB2dHTk… Besides the brevity, what's giving people pause is they sign the email https://t.co/KDiteRFaeR Why cap the "a" and why no https://? Strange pic.twitter.com/mwty3GmCN1
— briankrebs (@briankrebs) November 21, 2018
Where the matter goes next will depend on Amazon fulfilling regulatory responsibilities in jurisdictions such as Europe where, under GDPR, it must inform bodies such as the Office of the Data Protection Commissioner in Ireland or the Information Commissioner’s Office in the UK if users in those countries were affected by a breach.
Also, the paucity of actual information in the email gives affected users little detail to actually defend themselves if their data has fallen into the wrong hands. Some observers are even questioning the veracity of the email and are querying whether it may be an elaborate phishing hoax.
Twitter users across Europe and the US have reported receiving the email.
Amazon, a company as notorious as Apple for its secrecy, remains tight-lipped about the matter.