Email
Password
Remember meForgot password?
    Log in with Twitter

article imageAmazon is warning users that their password may have been leaked

By James Walker     Nov 24, 2015 in Internet
Just days away from Black Friday, Amazon is reportedly emailing a currently unknown number of users to inform them their password may have been visible during a potential leak of the company's database. It remains unclear how the breach happened.
ZDNet reports that a number of its readers have been emailed by Amazon today and told their account password has been reset automatically by the company. The notices have been confirmed as genuine as they are also visible in the message centre in the account section of the Amazon website.
Amazon says it has "no reason" to believe the passwords may have been exposed to a third party. Instead, it is resetting accounts "out of an abundance of caution" due to a password-related breach of its website.
Images of the contents of the emails are beginning to appear online, exposing the full text affected customers are receiving. The company writes that their password "may have been improperly stored on your device or transmitted to Amazon in a way that could potentially expose it to a third party." It adds that the issue leading to the exposure has now been fixed.
With the busiest shopping period of the year mere days away, Amazon will be looking to achieve record sales this week as shoppers hurry to snap up sales. The season is also attractive to cyber-criminals who can make money from selling account details online. Amazon says the passwords haven't been accessed by a third-party but has yet to follow the customer emails up with any more details.
Resetting user passwords is the first step many companies will take after detecting a systems breach, locking any potential attackers out of the accounts they may have stolen. Affected Amazon users will be able to regain access to their account by following the instructions given in the email.
The exposure comes only a week after Amazon publicly confirmed it has launched two-factor authentication support across its website and apps. The feature gives users more security by requiring access to a unique code each time they sign-in from a new device, preventing a hacker from using a stolen username and password unless they also have the second factor, a code randomly generated by the account holder's smartphone. Customers may be advised to enable this option after completing their password reset as it provides stronger protection against online identity theft.
More about Amazon, Security, Password, Data, Breach
 
Latest News
Top News