Amazon ‘technical error’ leaks customer data

Several Amazon customers have today received emails from the company advising that their information has been exposed to the web due to a "technical error". The message suggests that only customers’ email addresses were exposed. The company has thus far declined to comment on the nature of the error or how many customer accounts were affected.

In a statement, Amazon said, "We have fixed the issue and informed customers who may have been impacted."

However, despite their statement Amazon has come under pressure for advising customers that they did not need to change their passwords.

“It puts them at risk of phishing attacks, and it could allow hackers to attempt to reset their accounts,” John Porter, writing in The Verge, noted.

"Cyber criminals can do a lot of damage with a large database of names and emails. The greatest risk is of brute force attacks - where criminals use a leaked email address and common password combinations to try and break into other personal accounts," Richard Walters, chief technology officer of CensorNet, wrote in an email to The Independent. Walters described the company as a constant target for hackers.

Amazon has thus far declined to respond to questions regarding the incident, including how many customers were affected by the breach, the extent of the information that was leaked and how long their information was left exposed.

Whilst an Amazon spokesperson insisted to CNBC that the company’s website was not breached, they declined to say how the error occurred or specify where customers’ information was visible.

The Independent’s advice to customers who received Amazon’s email, or those concerned that they should have, was “to change their passwords as a matter of priority on all online services that they use, both work and private.”

(Image courtesy Jane Barlow/PA)