Amazon confirms employee data stolen after third-party MOVEit breach

News
By published

MOVEit breach continues to claim victims

Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
(Image credit: Shutterstock)
  • Amazon has confirmed data has been breached through a third party
  • The MOVEit cyberattack left the data of hundreds of thousands exposed
  • The third party did not have access to highly sensitive data

The MOVEit Transfer cyberattack that swept the world across the second half of 2023 is apparently continuing to wreak havoc, with Amazon confirming some of its employee details have been leaked via a breach in a third-party provider.

The compromised data includes employee work contact information, for example work email addresses, desk phone numbers, and building locations.

Amazon did not state how many employees had their data stolen, but confirmed the unnamed third-party did not hold sensitive data such as Social Security numbers or financial information.

MOVEit breach effects continue

Speaking to TechCrunch, Amazon spokesperson Adam Montgommery said, “Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.”

The original MOVEit attack impacted an estimated 2,600 organizations after the Cl0p ransomware gang used SQL injection to compromise public-facing servers and steal data using LemurLoot from connected organizations.

Amazon’s confirmation of a breach comes shortly after a threat actor published data on BreachForums, a site used by cyber criminals to advertise stolen data for sale. ‘Nam3L3ss’, the original poster of the data said in their forum post that they had data stolen from 25 major organizations including Amazon, U.S. Bank, HP, Delta Airlines, Lenovo and many more (via HudsonRock).

Nam3L3ss also emphasized that “What you have seen so far is less than .001% of the data I have. I have 1,000 releases coming never seen before.”

The data stolen in the original breach remains a threat to affected organizations and could be used in a number of harmful ways, including phishing, social engineering, and fraud.

You might also like

TOPICS
Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict has been with TechRadar Pro for over two years, and has specialized in writing about cybersecurity, threat intelligence, and B2B security solutions. His coverage explores the critical areas of national security, including state-sponsored threat actors, APT groups, critical infrastructure, and social engineering.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the Centre for Security and Intelligence Studies at the University of Buckingham, providing him with a strong academic foundation for his reporting on geopolitics, threat intelligence, and cyber-warfare.

Prior to his postgraduate studies, Benedict earned a BA in Politics with Journalism, providing him with the skills to translate complex political and security issues into comprehensible copy.