Amazon Sacks Employee Over Data Violation

Amazon has sent emails to a number of users confirming that one of their employees has leaked user information to an unnamed third party. Some employees of Amazon’s smart doorbell product department used their account permissions to access video surveillance data of some users.

Amazon fired employees after they discovered that they had abused their rights to access data and it seems that Amazon has more problems with user privacy.

A number of Tweets are reported to have appeared over the last few days from Amazon customers saying that they have been the victim of a data breach will rightfully be a worry to consumers.

Finding out than an Amazon employee has been passing customer emails to an, a third party is particularly concerning, especially as Amazon appears to have been vague about the details. It experienced another incident in 2018 when it fired an employee who had disclosed customer email addresses to a seller.  The online retail giant has confirmed that they are working directly with the authorities and that the employee in question has been fired, although no further information about  the impact on consumers has been released.

It is possible that some Amazon users will now find themselves falling victim to phishing attacks, to prevent this Amazon need to be upfront about exactly who these emails have been shared with. 

During a recent antitrust hearing earlier this year Amazon, and its CEO Jeff Bezos, came under fire by lawmakers over the company’s alleged use of third-party seller data in developing its own products. Earlier in 2020, The Wall Street Journal reported that Amazon employees have accessed sales data from independent sellers on its marketplace to help the company develop competing products for its private-label. Amazon has a policy barring the practice, but some US lawmakers have focused in on the company’s enforcement of that policy.

Amazon Customer Service:    MeterPreter:     ITPro:      CNBC:     The Verge

You Might Also Read:

The Cyber Security Threat From Employees:

 

« Cyber Professionals Fear Being Replaced By AI
Nearly Half Of All Businesses Have No Protection »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

The Hacker News (THN)

The Hacker News (THN)

THN is a leading source for Information Security, Hacking News, Cyber Security, Network Security with in-depth technical coverage of issues and events

Qualys

Qualys

Qualys is a pioneer and leading provider of cloud security and compliance solutions.

StratoKey

StratoKey

StratoKey is an intelligent Cloud Access Security Broker (CASB) that secures your cloud and SaaS applications against data breaches, so you can do secure and compliant business in the cloud.

InfoWatch

InfoWatch

InfoWatch solutions allow you to protect data and information assets that are critically important to your business.

Panorays

Panorays

Panorays automates third-party security lifecycle management. It is a SaaS-based platform, with no installation needed.

Mjenzi Cloud

Mjenzi Cloud

Mjenzi Cloud is a provider of cloud IaaS solutions including managed backup services, affordable & secure cloud virtual compute/storage/compute services, bare-metal services and cloud security.

MicroSec

MicroSec

MicroSec is a company specializing in IoT security. We focus on bringing enterprise grade security to IoT and embedded systems.

ClubCISO

ClubCISO

ClubCISO is a community of peers, working together to help shape the future of the information security profession by facilitating independent discussion on data security and cyber resilience.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

Nagios

Nagios

Nagios is a powerful tool that provides you with instant awareness of your organization’s mission-critical IT infrastructure.

McDonald Hopkins

McDonald Hopkins

McDonald Hopkins is a business advisory and advocacy law firm. We focus on insightful legal solutions that help our clients strategically plan for an increasingly competitive future.

Clarabot Nano

Clarabot Nano

Nano is the secure file sharing tool to improve content search, data access and collaboration between multiple parties.

Krista Software

Krista Software

Krista is an intelligent automation platform that combines iPaaS and Conversational AI to automate complete business processes across your teams and apps.

Verizon

Verizon

Verizon is a leader in IT technology solutions - Verizon Cloud, Networking, Security, Mobility, Machine-to-Machine (M2M), Advanced Communications and Professional Services.

All About Cookies

All About Cookies

All About Cookies is an informational website that provides tips, advice, and recommendations to help you with Online Privacy, Identity Theft Prevention, Antivirus Protection, and Digital Security.

IONIX

IONIX

IONIX is the attack surface management solution that uses Connective Intelligence to shine a spotlight on exploitable risks across your real attack surface and its digital supply chain.