Amazon Sacks Employee Over Data Violation

Uploaded on 2020-10-29 in JOBS-Careers, FREE TO VIEW, BUSINESS-Services-Law

Amazon has sent emails to a number of users confirming that one of their employees has leaked user information to an unnamed third party. Some employees of Amazon’s smart doorbell product department used their account permissions to access video surveillance data of some users.

Amazon fired employees after they discovered that they had abused their rights to access data and it seems that Amazon has more problems with user privacy.

A number of Tweets are reported to have appeared over the last few days from Amazon customers saying that they have been the victim of a data breach will rightfully be a worry to consumers.

Finding out than an Amazon employee has been passing customer emails to an, a third party is particularly concerning, especially as Amazon appears to have been vague about the details. It experienced another incident in 2018 when it fired an employee who had disclosed customer email addresses to a seller.  The online retail giant has confirmed that they are working directly with the authorities and that the employee in question has been fired, although no further information about  the impact on consumers has been released.

It is possible that some Amazon users will now find themselves falling victim to phishing attacks, to prevent this Amazon need to be upfront about exactly who these emails have been shared with. 

During a recent antitrust hearing earlier this year Amazon, and its CEO Jeff Bezos, came under fire by lawmakers over the company’s alleged use of third-party seller data in developing its own products. Earlier in 2020, The Wall Street Journal reported that Amazon employees have accessed sales data from independent sellers on its marketplace to help the company develop competing products for its private-label. Amazon has a policy barring the practice, but some US lawmakers have focused in on the company’s enforcement of that policy.

Amazon Customer Service:    MeterPreter:     ITPro:      CNBC:     The Verge

You Might Also Read:

The Cyber Security Threat From Employees:

 

« Cyber Professionals Fear Being Replaced By AI
Nearly Half Of All Businesses Have No Protection »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

TNO Cyber Security Lab

TNO Cyber Security Lab

TNO Cyber Security Lab is a dedicated facility for innovative and experimental research with the goal of a safe and resilient cyberspace.

PortSwigger

PortSwigger

PortSwigger's Burp Suite is an integrated platform for performing security testing of web applications.

HireVergence

HireVergence

HireVergence is a full service IT staffing and recruiting firm with a focus on cyber and information security.

Protenus

Protenus

Protenus provide a solution to proactively monitor and protect patient privacy in the electronic health record (EHR).

Veritas Technologies

Veritas Technologies

Veritas provide industry-leading solutions that cover all platforms with backup and recovery, business continuity, software-defined storage and information governance.

AppGuard

AppGuard

AppGuard prevents breaches by blocking applications from performing inappropriate processes using our patented dynamic isolation and inheritance technologies.

FutureCon Events

FutureCon Events

FutureCon produces cutting edge events aimed for Senior Level Professionals working in the security community, bringing together the best minds in the industry for a unique cybersecurity event.

Nubeva Technologies

Nubeva Technologies

Nubeva provide a breakthrough TLS Decrypt solution with Symmetric Key Intercept to gain the visibility needed to monitor and secure network traffic.

Ridge Global

Ridge Global

Ridge Global works with C-suite executives and corporate directors to build more resilient organizations through innovative preparedness, protection, response and education capabilities.

Inetum

Inetum

Inetum (formerly Gfi Informatique) is an agile IT services providing digital services and solutions, and a global group that helps companies and institutions to get the most out of digital flow.

Quantexa

Quantexa

Quantexa automates millions of operational decisions, at scale, across multiple business units, including Anti-Money Laundering, Know-Your-Customer, Fraud, Credit Risk and Customer Intelligence.

Enginsight

Enginsight

Enginsight provides a comprehensive solution for monitoring and securing your servers and clients.

Byos

Byos

Byos provides visibility of devices across all networks, regardless of location, integrating with your existing security stack.

Scholarly Networks Security Initiative (SNSI)

Scholarly Networks Security Initiative (SNSI)

SNSI brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data.

CERT.JE

CERT.JE

CERT.JE is responsible for promoting and improving the cyber resilience across the critical national infrastructure, business communities and citizens in Jersey.

Safe Decision

Safe Decision

Safe Decision is an information technology company offering Cyber Security, Network, and Infrastructure Services and Solutions.