Amazon Sacks Employee Over Data Violation

Uploaded on 2020-10-29 in JOBS-Careers, FREE TO VIEW, BUSINESS-Services-Law

Amazon has sent emails to a number of users confirming that one of their employees has leaked user information to an unnamed third party. Some employees of Amazon’s smart doorbell product department used their account permissions to access video surveillance data of some users.

Amazon fired employees after they discovered that they had abused their rights to access data and it seems that Amazon has more problems with user privacy.

A number of Tweets are reported to have appeared over the last few days from Amazon customers saying that they have been the victim of a data breach will rightfully be a worry to consumers.

Finding out than an Amazon employee has been passing customer emails to an, a third party is particularly concerning, especially as Amazon appears to have been vague about the details. It experienced another incident in 2018 when it fired an employee who had disclosed customer email addresses to a seller.  The online retail giant has confirmed that they are working directly with the authorities and that the employee in question has been fired, although no further information about  the impact on consumers has been released.

It is possible that some Amazon users will now find themselves falling victim to phishing attacks, to prevent this Amazon need to be upfront about exactly who these emails have been shared with. 

During a recent antitrust hearing earlier this year Amazon, and its CEO Jeff Bezos, came under fire by lawmakers over the company’s alleged use of third-party seller data in developing its own products. Earlier in 2020, The Wall Street Journal reported that Amazon employees have accessed sales data from independent sellers on its marketplace to help the company develop competing products for its private-label. Amazon has a policy barring the practice, but some US lawmakers have focused in on the company’s enforcement of that policy.

Amazon Customer Service:    MeterPreter:     ITPro:      CNBC:     The Verge

You Might Also Read:

The Cyber Security Threat From Employees:

 

« Cyber Professionals Fear Being Replaced By AI
Nearly Half Of All Businesses Have No Protection »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CERT-SE

CERT-SE

CERT-SE is the national and governmental Computer Security Incident Response Team of Sweden.

6cure

6cure

The 6cure Threat Protection solution eliminates malicious traffic to critical services in real time and protects against DDoS attacks.

SecureDevice

SecureDevice

SecureDevice is a Danish IT Security company.

Deep Instinct

Deep Instinct

Deep Instinct provides comprehensive defense that is designed to protect against the most evasive unknown malware in real-time, across an organization’s endpoints, servers, and mobile devices.

FixMeStick

FixMeStick

FixMeStick is a virus removal device, a USB key that removes malware conventional antivirus software often can’t detect.

Quokka

Quokka

Quokka (formerly Kryptowire) is the source for mobile security and privacy solutions, staying steps ahead of the threat and delivering peace of mind.

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

Infinidat

Infinidat

Infinidat delivers enterprise-proven solutions for data storage, data protection, business continuity, and sovereign cloud storage.

Conquest Cyber

Conquest Cyber

Conquest Cyber builds adaptive risk management programs where innovation is most needed – within defense, intelligence, federal civilian agencies and the industrial base that supports them.

Binare

Binare

Binare empowers companies all over the world to improve their IIot/IoT /Embedded cybersecurity posture and digital privacy.

Sourcepass

Sourcepass

Sourcepass is an IT consulting company that focuses on providing expert IT services, cloud computing solutions, cybersecurity services, website, and application development.

Grindstone Ventures

Grindstone Ventures

Grindstone Ventures is a post-seed fund that supports post-seed equity and quasi-equity investments in early-stage innovation-driven and/or technology companies.

Hook Security

Hook Security

Setting a new standard in security awareness. Hook Security is a people-first company that uses psychological security training to help companies create security-aware culture.

63Sats Cybertech

63Sats Cybertech

63SATS is the cybersecurity business unit of 63 Moons Technologies, a world leader in providing next-generation technology ventures, innovations, platforms, and solutions. 

Kahootz

Kahootz

Kahootz is a highly secure cloud collaboration platform helping teams to work together across organisations.