Amazon confirms employee data stolen after third-party MOVEit breach

Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
(Image credit: Shutterstock)

  • Amazon has confirmed data has been breached through a third party
  • The MOVEit cyberattack left the data of hundreds of thousands exposed
  • The third party did not have access to highly sensitive data

The MOVEit Transfer cyberattack that swept the world across the second half of 2023 is apparently continuing to wreak havoc, with Amazon confirming some of its employee details have been leaked via a breach in a third-party provider.

The compromised data includes employee work contact information, for example work email addresses, desk phone numbers, and building locations.

Amazon did not state how many employees had their data stolen, but confirmed the unnamed third-party did not hold sensitive data such as Social Security numbers or financial information.

MOVEit breach effects continue

Speaking to TechCrunch, Amazon spokesperson Adam Montgommery said, “Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.”

The original MOVEit attack impacted an estimated 2,600 organizations after the Cl0p ransomware gang used SQL injection to compromise public-facing servers and steal data using LemurLoot from connected organizations.

Amazon’s confirmation of a breach comes shortly after a threat actor published data on BreachForums, a site used by cyber criminals to advertise stolen data for sale. ‘Nam3L3ss’, the original poster of the data said in their forum post that they had data stolen from 25 major organizations including Amazon, U.S. Bank, HP, Delta Airlines, Lenovo and many more (via HudsonRock).

Nam3L3ss also emphasized that “What you have seen so far is less than .001% of the data I have. I have 1,000 releases coming never seen before.”

The data stolen in the original breach remains a threat to affected organizations and could be used in a number of harmful ways, including phishing, social engineering, and fraud.

You might also like

TOPICS
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.