Amazon blamed a “technical error” Wednesday after a data leak exposed an unspecified number of users’ names and emails addresses.
The online retailer, in an email sent to those affected, stated that its “website inadvertently disclosed” the personal information.
Amazon added that the issue has since been fixed and that users are not required to take any action such as changing their password.
Although Amazon has stressed that the problem did not stem from a breach of its systems, many users are criticizing the company for failing to provide further details.
“For how long was my email address exposed? To whom was it exposed? The whole world? How did it wind up exposed? Could anyone seeing it also see orders linked to that email address?” one Twitter user asked.
Good morning, @AmazonHelp. Not to be rude, but if the email below is legit, it is unsatisfactory. For how long was my email address exposed? To whom was it exposed? The whole world? How did it wind up exposed? Could anyone seeing it also see orders linked to that email address? pic.twitter.com/xkamRjhNDB
— Dissent Doe, PhD (@PogoWasRight) November 21, 2018
Amazon also received pushback from numerous security experts, who expressed concern over the company’s lackluster response.
Amazon's legit been sending out notices saying sorry we exposed your email address. Seems likely related to this https://t.co/21cRB2dHTk… Besides the brevity, what's giving people pause is they sign the email https://t.co/KDiteRFaeR Why cap the "a" and why no https://? Strange pic.twitter.com/mwty3GmCN1
— briankrebs (@briankrebs) November 21, 2018
The issue, believed to have affected users in the U.S. as well as across Europe, comes just weeks after the company sent out a similar email.
The previous incident was related to a rogue Amazon employee who was found to be selling customer data.