Amazon confirms employee data stolen after third-party MOVEit breach

News
By published

MOVEit breach continues to claim victims

Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
(Image credit: Shutterstock)
  • Amazon has confirmed data has been breached through a third party
  • The MOVEit cyberattack left the data of hundreds of thousands exposed
  • The third party did not have access to highly sensitive data

The MOVEit Transfer cyberattack that swept the world across the second half of 2023 is apparently continuing to wreak havoc, with Amazon confirming some of its employee details have been leaked via a breach in a third-party provider.

The compromised data includes employee work contact information, for example work email addresses, desk phone numbers, and building locations.

Amazon did not state how many employees had their data stolen, but confirmed the unnamed third-party did not hold sensitive data such as Social Security numbers or financial information.

Article continues below

MOVEit breach effects continue

Speaking to TechCrunch, Amazon spokesperson Adam Montgommery said, “Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.”

The original MOVEit attack impacted an estimated 2,600 organizations after the Cl0p ransomware gang used SQL injection to compromise public-facing servers and steal data using LemurLoot from connected organizations.

Amazon’s confirmation of a breach comes shortly after a threat actor published data on BreachForums, a site used by cyber criminals to advertise stolen data for sale. ‘Nam3L3ss’, the original poster of the data said in their forum post that they had data stolen from 25 major organizations including Amazon, U.S. Bank, HP, Delta Airlines, Lenovo and many more (via HudsonRock).

Nam3L3ss also emphasized that “What you have seen so far is less than .001% of the data I have. I have 1,000 releases coming never seen before.”

The data stolen in the original breach remains a threat to affected organizations and could be used in a number of harmful ways, including phishing, social engineering, and fraud.

You might also like

TOPICS
Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict is a Senior Security Writer at TechRadar Pro, where he has specialized in covering the intersection of geopolitics, cyber-warfare, and business security.

Benedict provides detailed analysis on state-sponsored threat actors, APT groups, and the protection of critical national infrastructure, with his reporting bridging the gap between technical threat intelligence and B2B security strategy.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the University of Buckingham Centre for Security and Intelligence Studies (BUCSIS), with his specialization providing him with a robust academic framework for deconstructing complex international conflicts and intelligence operations, and the ability to translate intricate security data into actionable insights.