Amazon discloses names and addresses -- but doesn't disclose details

Marco Green
November 21, 2018

Amazon customers in the US, the United Kingdom and Europe who had received the notifications via email Wednesday about the breach posted about the notices on social media.

Amazon said Wednesday it accidentally disclosed some of its users' email addresses and names, but has since patched up the problem.

In October, Amazon said it fired an employee who had provided customer email addresses to a third-party seller on the site and had notified affected users of the policy violation.

"The issue has been fixed".

"This is not a result of anything you have done, and there is no need for you to change your password or take any other action", the email concludes.

But while Amazon remained silent on numerous incident details, the company did make it clear to us that its website and its internal systems were not breached.

These emails have been making rounds in the past couple of days.

An Amazon spokesperson did tell us that they "fixed the issue and informed customers who may have been impacted", but didn't respond to additional questions ZDNet sent over.

It is thought it must have been found relatively recently though as, under GDPR, introduced across Europe earlier this year, companies must inform users data breaches within 72 hours of discovery. It's also unclear whether it's been in touch with relevant authorities, such as the UK's Information Commissioner's Office. The ICO is keeping quiet at the moment, but we can expect some feedback soon enough.

Other reports by Click Lancashire

Discuss This Article