Amazon Sacks Employee Over Data Violation

Amazon has sent emails to a number of users confirming that one of their employees has leaked user information to an unnamed third party. Some employees of Amazon’s smart doorbell product department used their account permissions to access video surveillance data of some users.

Amazon fired employees after they discovered that they had abused their rights to access data and it seems that Amazon has more problems with user privacy.

A number of Tweets are reported to have appeared over the last few days from Amazon customers saying that they have been the victim of a data breach will rightfully be a worry to consumers.

Finding out than an Amazon employee has been passing customer emails to an, a third party is particularly concerning, especially as Amazon appears to have been vague about the details. It experienced another incident in 2018 when it fired an employee who had disclosed customer email addresses to a seller.  The online retail giant has confirmed that they are working directly with the authorities and that the employee in question has been fired, although no further information about  the impact on consumers has been released.

It is possible that some Amazon users will now find themselves falling victim to phishing attacks, to prevent this Amazon need to be upfront about exactly who these emails have been shared with. 

During a recent antitrust hearing earlier this year Amazon, and its CEO Jeff Bezos, came under fire by lawmakers over the company’s alleged use of third-party seller data in developing its own products. Earlier in 2020, The Wall Street Journal reported that Amazon employees have accessed sales data from independent sellers on its marketplace to help the company develop competing products for its private-label. Amazon has a policy barring the practice, but some US lawmakers have focused in on the company’s enforcement of that policy.

Amazon Customer Service:    MeterPreter:     ITPro:      CNBC:     The Verge

You Might Also Read:

The Cyber Security Threat From Employees:

 

« Cyber Professionals Fear Being Replaced By AI
Nearly Half Of All Businesses Have No Protection »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Endace

Endace

Endace is a leader in network visibility, network recording and packet capture solutions for security, network and application performance monitoring.

Mimecast

Mimecast

Mimecast delivers cloud-based email management for Microsoft Exchange and Microsoft Office 365 including archiving, continuity and security.

Software Testing News

Software Testing News

Software Testing News provides the latest news in the industry; from the most up-to-date reports in web security to the latest testing tool that can help you perform better.

Cyber Together

Cyber Together

Cyber Together is dedicated to advancing the cyber security industry by giving businesses access to Israel’s leaders, innovators and great minds in the field of cyber security.

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

Tubitak

Tubitak

Tubitak is the scientific and technological research council of Turkey. Areas of research include information technology and security.

First National Technology Solutions (FNTS)

First National Technology Solutions (FNTS)

First National Technology Solutions is a leading provider of flexible, customized hosted and remote managed services including IT security and compliance.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

Hexnode MDM

Hexnode MDM

Hexnode MDM is an award winning Enterprise Mobility Management vendor which helps businesses to secure and manage BYOD, COPE, apps and content.

Yaana Technologies

Yaana Technologies

Yaana is a leading provider of intelligent compliance solutions including lawful interception, data retention & disclosure, and advanced security analytics.

PhishX

PhishX

PhishX is a SaaS platform for security awareness that simulates Cyberthreats, train people, while measure and analysis results, reducing Cybersecurity risks for People and Companies.

Invest Ottawa

Invest Ottawa

The IO Accelerator Program is designed to rapidly and systematically accelerate the development and commercial success of high growth technology firms.

Cybersec Infohub

Cybersec Infohub

Cybersec Infohub is a Hong Kong government programme to enhance the exchange of cyber security information with industry and enterprises to jointly defend against cyber attacks.

Precursor Security

Precursor Security

Precursor Security are information security specialist, delivering all aspects of Security testing, Cyber Risk Management, and Continuous Security Testing.

Hicomply

Hicomply

Hicomply simplifies compliance management with smart, user-friendly tools, helping you scale your processes and stay in control - no matter how complex.

Redblock

Redblock

Redblock's mission is to eliminate the drudgery and repetitive 'eye on the glass' work done by Security Teams.