November 12, 2024
Amazon admitted that a security breach at a third-party vendor led to a data leak affecting employee information. Only employee business contact information, including email addresses, phone numbers, and building locations, was compromised; neither Amazon nor AWS systems were directly impacted.
Amazon reportedly does not have access to sensitive data, such as financial information or Social Security numbers, but refuses to say how many employees were affected. According to Amazon, the supplier has since fixed the security flaw that caused the hack.
The confirmation comes after a hacker, going by the pseudonym "Nam3L3ss", claimed to have published data from Amazon and 24 other major companies on the known forum BreachForums. The alleged massive exploitation of MOVEit Transfer in 2023 (a major flaw using a zero-day vulnerability in Progress Software's file transfer solution) reportedly resulted in the acquisition of more than 2.8 million rows of data.
The Clop ransomware group was responsible for the MOVEit hack, which affected more than 1,000 companies, including U.S. government contractor Maximus, the Colorado Department of Health Care Policy and Financing, and the Oregon Department of Transportation.
With cyber threats constantly growing and becoming more sophisticated, incidents like this highlight the critical importance of cybersecurity for businesses of all types. Data breaches are becoming more frequent and serious, highlighting the critical need for qualified cybersecurity specialists who can detect weaknesses and protect private data.
If you have a strong interest in cybersecurity or want to get started in this growing industry, Code Labs Academy offers a comprehensive cybersecurity bootcamp that will give you the skills and information you need. Learn how to defend your organization's data, fend off cyberattacks, and maintain your edge in a high-demand field.