Has Amazon been hacked: have your account and password been compromised?
aecifo

Updated November 13, 2024: This article, originally published on November 12, now includes comments from security professionals as well as comments from Amazon customers who insist their personal data was compromised in the MOVEit cyberattack in 2023.

Amazon confirmed that some data was breached during the wave of MOVEit software exploits which began in May 2023. MOVEit cyberattacks affected several large organizations, including the BBC, British Airways, Shell, and several government agencies, as hackers targeted a critical SQL injection vulnerability, CVE-2023-34362, in the software. But with news, more than a year later, that Amazon’s data was hacked, customers now want to know if their accounts are safe and if they should change their passwords.

Amazon has not experienced a security event, spokesperson said

A statement released by Amazon spokesperson Adam Montgomery on November 11 clarified the nature of the data breach and denied that Amazon or Amazon Web Services had “suffered a security incident.” The MOVEit exploit hit an unnamed third-party property management provider that includes Amazon among its customers. “We have been made aware of a security event at one of our property management vendors that impacted several of their customers, including Amazon,” Amazon spokesperson Adam Montgomery said.

The good news is that there appears to be no impact on customer accounts or credentials. “The only Amazon information involved was employee business contact information,” Montgomery said, “for example, work email addresses, office phone numbers, and building locations.”

What are security professionals saying about reports that hackers accessed Amazon employee data?

Forbes contributor Lars Daniel said the breach was carried out by a threat actor named Nam3L3ss – oh, the irony. They recently released data from 25 organizations, including Amazon, and warned that there is an archive of more than 250 TB that includes “entire databases from exposed web sources, including MySQL, Postgres, SQL Server data and backups, Azure databases and backups, etc.”

While the fact that Amazon customer data was not affected by the MOVEit breach is obviously good news, the bad news is that the security of third-party vendors continues to be in the crosshairs of hackers. “This update to an older vulnerability exploit reinforces that third-party software remains one of the largest and least manageable cybersecurity risks organizations face,” said Joe Silva, CEO of cybersecurity software provider Spektion, “including large, technically sophisticated companies.”

Although last year’s MOVEit attacks haven’t received the same media coverage this year, being largely old news, this latest update shows that attackers continue to monetize compromised data. “Nam3L3ss is not believed to be part of the initial MOVEit attack,” said Kevin Robertson, director of operations at Acumen Cyber, “but some of his data fell into their hands, providing evidence of how stolen data is marketed across the dark web.” Amazon’s update also serves as a timely reminder, Robertson said, “for organizations to prioritize the resilience of their supply chain, because once data is stolen and ends up on the dark web, it rarely disappears.”

There are many lessons to be learned from both Amazon’s initial third-party contractor MOVEit compromise and the fallout that has continued over the many months since. “One of the key lessons is that any place your data resides is a place where data can be compromised,” said Roger Grimes, data-driven defense evangelist at KnowBe4. “Every relationship with a vendor who has access to your network and data or to whom you send data, for whatever reason, is a new place for potential compromise.”

Some Amazon customers are convinced their data was compromised and misused following the MOVEit cyberattack

Since the publication of this news, I have been contacted by numerous Amazon customers via different means of communication but with one thing in common: they insist that their accounts were hacked during the MOVEit attack in 2023. The problem here is that an article like this highlights memories of past events and, without wanting to patronize anyone who has found themselves the victim of an account compromise, has made connections that just don’t exist. I apologize for not responding to you individually, it would have simply taken too long, but if you are reading this please rest assured that just because your account was compromised during the week of Black Friday or Cyber Monday, or earlier in 2023, it does not mean MOVEit hackers were to blame. Another common thread connecting those who contacted me was this phrase: “I clicked on the link which took me directly to my Amazon account.” This is, I fear, proof that these were opportunistic phishing attacks taking advantage of interest in the Black Friday sales, and nothing more.

Therefore, the advice that Amazon customers do not need to change their passwords or check their credit cards for signs of fraud remains the same.