- Why the Senate’s First Step Act isn’t true criminal justice reform 4 Weeks Ago
- Mom calls cops on son who can’t get ready for school on time Tuesday 11:19 PM
- Tinder exec fired after involvement in lawsuit alleging sexual assault Tuesday 10:48 PM
- Woman matches on Tinder with LaCroix thief—and his victim Tuesday 7:38 PM
- U.K. police will have to disclose documents about WikiLeaks journalists Tuesday 6:37 PM
- Backpack Kid sues Fortnite developer over flossing emote Tuesday 5:38 PM
- Conservatives rage at Alexandria Ocasio-Cortez’s ‘week of self-care’ Tuesday 4:02 PM
- 2 inflatable snowmen fought in front of a combo KFC/Taco Bell Tuesday 2:47 PM
- How to watch the Boca Raton Bowl online for free Tuesday 2:43 PM
- DAZN KOs YouTube, Snapchat as (temporarily) the most downloaded app Tuesday 1:57 PM
- AT&T says it’s rolling out 5G service this week Tuesday 1:03 PM
- NY state senator tells woman staffer ‘Kill yourself!’ in a tweet Tuesday 12:54 PM
- This Lil Jon-Kool-Aid Man Christmas jam is as extra as you’d expect Tuesday 12:13 PM
- YouTube stars say unfair copyright claims are making their lives hell Tuesday 12:12 PM
- UPS deletes tweet about shredding letters to North Pole after huge backlash Tuesday 11:21 AM
Eric Broder Van Dyke/Shutterstock (Licensed)
Company fails to provide details on security incident
Amazon blamed a “technical error” Wednesday after a data leak exposed an unspecified number of users’ names and emails addresses.
The online retailer, in an email sent to those affected, stated that its “website inadvertently disclosed” the personal information.
Ooookay. Disclosed it when, and to whom? Was other information associated with it, like my name? This email is more alarming than it is helpful. And sent from a "no-reply" address? Based on headers this appears to be a legit email. @amazon pic.twitter.com/sikJvX8lbk
— Adam Meyer (@apmeyer) November 21, 2018
Amazon added that the issue has since been fixed and that users are not required to take any action such as changing their password.
Although Amazon has stressed that the problem did not stem from a breach of its systems, many users are criticizing the company for failing to provide further details.
“For how long was my email address exposed? To whom was it exposed? The whole world? How did it wind up exposed? Could anyone seeing it also see orders linked to that email address?” one Twitter user asked.
Good morning, @AmazonHelp. Not to be rude, but if the email below is legit, it is unsatisfactory. For how long was my email address exposed? To whom was it exposed? The whole world? How did it wind up exposed? Could anyone seeing it also see orders linked to that email address? pic.twitter.com/xkamRjhNDB
— Dissent Doe, PhD (@PogoWasRight) November 21, 2018
Amazon also received pushback from numerous security experts, who expressed concern over the company’s lackluster response.
Amazon's legit been sending out notices saying sorry we exposed your email address. Seems likely related to this https://t.co/21cRB2dHTk… Besides the brevity, what's giving people pause is they sign the email https://t.co/KDiteRFaeR Why cap the "a" and why no https://? Strange pic.twitter.com/mwty3GmCN1
— briankrebs (@briankrebs) November 21, 2018
The issue, believed to have affected users in the U.S. as well as across Europe, comes just weeks after the company sent out a similar email.
The previous incident was related to a rogue Amazon employee who was found to be selling customer data.