Monday, November 26, 2018 [Tweets] [Favorites]

Amazon Admits It Exposed Customer E-mail Addresses

Zack Whittaker and Josh Constine (via Hacker News):

Amazon emailed users Tuesday, warning them that it exposed an unknown number of customer email addresses after a “technical error” on its website.

[…]

Amazon’s vague and non-specific email also sparked criticism from users — including security experts — who accused the company of withholding information. Some said that the correspondence looked like a phishing email, used to trick customers into turning over account information.

[…]

Amazon, as a Washington-based company, is required to inform the state attorney general of data incidents involving 500 state residents or more. Yet, in Europe, where data protection rules are stronger — even in the wake of the recently introduced General Data Protection Regulation (GDPR) — it’s less clear if Amazon needs to disclose the incident.

Comments

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment