Online e-commerce platform Amazon has sent out emails today to some of its customers blaming a "technical error" for a data leak that exposed the names and email addresses associated with their accounts.
The company didn't elaborate on the nature of the "technical error." It didn't do so in the email sent to customers, and neither in a request for comment ZDNet sent out earlier today.
An Amazon spokesperson did tell us that they "fixed the issue and informed customers who may have been impacted," but didn't respond to additional questions ZDNet sent over. This included requess for information about the number of affected users, if the email leak affected only customers in selected geographical areas, or for how much time was the "technical error" active and leaking users' emails.
These are the same type of questions that many of the affected users have also asked online earlier today after receiving the email.
But while Amazon remained silent on many of the incident details, the company did make it clear to us that its website and its internal systems were not breached. Based on current statements, the technical error seems to be an internal bug.
Because the company refuses to hand out any details about the incident, it is unclear to whom were the email addresses exposed to, and if this leak puts any users at any type of risk. Based on tweets shared online, users from all over the world seem to be affected, and Amazon's secrecy may not fare well in the face of privacy watchdog agencies in EU countries, which expect a far more precise and detailed notification than the three sentences Amazon bothered to send its users.
Today's Amazon email leak notification comes after the company sent out a similar notification last month. That leak wasn't caused by a technical error, like this one, but by an Amazon employee who was caught selling customer data, and who Amazon later fired.
Today's Amazon email notification is available in full, below:
We're contacting you to let you know that our website inadvertently disclosed your email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.
Related cyber-security news:
- AWS rolls out new security feature to prevent accidental S3 data leaks
- Magecart group hilariously sabotages competitor
- Vision Direct reveals customer credit card leak, fake Google script may be to blame
- Malicious code hidden in advert images cost ad networks $1.13bn this year
- CNET: Amazon's gadget battle with Google could upend its Alexa allies
- IRS failed to apply consumer protections for 11,406 taxpayers
- TechRepublic: How to become an Alexa developer: A cheat sheet
- A bug in EA Origin client exposes gamers' data