- Sasha Obama went to prom and Twitter is delighted with the photos 6 Months Ago
- Jon Voight says Trump is the greatest president since Lincoln in Twitter videos Today 1:31 PM
- #DeleteFacebook gains momentum after the platform refused to remove doctored Nancy Pelosi videos Today 11:58 AM
- ‘Game of Thrones’ failed women—and it’s a shame on its legacy Today 7:40 AM
- How to use Tor, the network that lets you browse the web anonymously Today 7:30 AM
- How to live stream Devin Haney vs. Antonio Moran on DAZN Today 7:00 AM
- Trump’s transphobic policies are disgusting—but they aren’t new Today 6:30 AM
- How to watch the Copa del Rey Final online for free Today 5:45 AM
- How to watch the DFB-Pokal final for free Today 5:30 AM
- Curvy Wife Guy drops music video for rap song ‘Chubby Sexy’ Friday 7:33 PM
- A ‘Black Mirror’-inspired miniseries is coming to YouTube via Netflix Latin America Friday 5:56 PM
- Kanye West appears on David Letterman’s Netflix show to talk Trump, TMZ, and Drake Friday 3:27 PM
- QAnon believers link small-town arrest to deep state conspiracy without evidence Friday 1:58 PM
- Instagram photos showing prison conditions spark massive protest Friday 1:33 PM
- ‘Gay rat wedding’ headline sparks amazing new meme Friday 1:03 PM
Eric Broder Van Dyke/Shutterstock (Licensed)
Company fails to provide details on security incident
Amazon blamed a “technical error” Wednesday after a data leak exposed an unspecified number of users’ names and emails addresses.
The online retailer, in an email sent to those affected, stated that its “website inadvertently disclosed” the personal information.
Ooookay. Disclosed it when, and to whom? Was other information associated with it, like my name? This email is more alarming than it is helpful. And sent from a "no-reply" address? Based on headers this appears to be a legit email. @amazon pic.twitter.com/sikJvX8lbk
— Adam Meyer (@apmeyer) November 21, 2018
Amazon added that the issue has since been fixed and that users are not required to take any action such as changing their password.
Although Amazon has stressed that the problem did not stem from a breach of its systems, many users are criticizing the company for failing to provide further details.
“For how long was my email address exposed? To whom was it exposed? The whole world? How did it wind up exposed? Could anyone seeing it also see orders linked to that email address?” one Twitter user asked.
Good morning, @AmazonHelp. Not to be rude, but if the email below is legit, it is unsatisfactory. For how long was my email address exposed? To whom was it exposed? The whole world? How did it wind up exposed? Could anyone seeing it also see orders linked to that email address? pic.twitter.com/xkamRjhNDB
— Dissent Doe, PhD (@PogoWasRight) November 21, 2018
Amazon also received pushback from numerous security experts, who expressed concern over the company’s lackluster response.
Amazon's legit been sending out notices saying sorry we exposed your email address. Seems likely related to this https://t.co/21cRB2dHTk… Besides the brevity, what's giving people pause is they sign the email https://t.co/KDiteRFaeR Why cap the "a" and why no https://? Strange pic.twitter.com/mwty3GmCN1
— briankrebs (@briankrebs) November 21, 2018
The issue, believed to have affected users in the U.S. as well as across Europe, comes just weeks after the company sent out a similar email.
The previous incident was related to a rogue Amazon employee who was found to be selling customer data.
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.