Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Amazon Hit With Third Party Data Breach

November 12, 2024
Reading Time: 2 mins read
in Incidents
Amazon Hit With Third Party Data Breach

Amazon has confirmed a significant data breach that has impacted its employees and several other major companies. The breach, which dates back to May 2023, exposed sensitive information, including email addresses, phone numbers, and organizational structures of employees from over 25 companies, including Amazon, HP, Lenovo, Delta Airlines, and HSBC. The stolen data was linked to a vulnerability in MOVEit, a widely used file transfer software. This vulnerability, identified in mid-2023, allowed hackers to exploit a critical flaw in the system, bypassing authentication protocols to access secure data repositories.

The breach was carried out by a hacker known as Nam3L3ss, who leveraged the MOVEit vulnerability (CVE-2023-34362) to infiltrate multiple systems and exfiltrate confidential data. The hacker made the stolen information public, releasing it on a cybercrime forum and alerting others to the scale of the breach. This incident has raised concerns about the security of file transfer systems used by corporations, given the sensitive nature of the data that was exposed.

In response to the breach, Amazon issued a statement through spokesperson Adam Montgomery, clarifying that the breach was related to a third-party vendor’s system, not Amazon’s internal infrastructure. Montgomery emphasized that the breach did not affect sensitive employee data such as social security numbers or financial information. Instead, the compromised data primarily included work-related contact information, such as employee email addresses, desk phone numbers, and building locations. Amazon assured customers that its systems remain secure, despite the security event at one of its property management vendors.

While Amazon and other affected companies have taken steps to mitigate the impact of the breach, the incident highlights the growing threat posed by vulnerabilities in third-party services. Organizations that rely on external vendors for critical services must remain vigilant and ensure robust security protocols are in place to prevent similar breaches in the future. This breach also serves as a reminder for companies to continuously evaluate and update their cybersecurity measures to protect sensitive information and prevent unauthorized access.

Reference:
  • Amazon Suffers Major Data Breach Exposing Employee Info from Multiple Companies
Tags: Amazoncyber incidentsCyber Incidents 2024Cyber threatsData BreachesDelta AirlinesHPHSBCLenovoMOVEitNovember 2024Vulnerabilities
ADVERTISEMENT

Related Posts

Arla Foods Dairy Plant Production Halted By A Disruptive Cyberattack

Arla Plant Cyberattack Halts Operations

May 19, 2025
Massive DDoS Attack Cripples Poland's Civic Platform And Public Entities

Massive DDoS Hits Poland’s Civic Platform

May 19, 2025
Georgia’s Harbin Clinic Hit by Data Breach

Georgia’s Harbin Clinic Hit by Data Breach

May 19, 2025
Coinbase Insider Attack Exposed User Data

Coinbase Insider Attack Exposed User Data

May 16, 2025
Coinbase Insider Attack Exposed User Data

Hackers Target Swiss Reserve Power Plant

May 16, 2025
Coinbase Insider Attack Exposed User Data

Cyberattack Hits J Batista Group

May 16, 2025

Latest Alerts

Mozilla Urgent Firefox Patch Fixes RCE Flaws

ModiLoader Malware Targets Windows Users

Glibc Flaw Gives Linux Root Access Risk

Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

APT28 RoundPress Webmail Hack Steals Emails

Subscribe to our newsletter

    Latest Incidents

    Massive DDoS Hits Poland’s Civic Platform

    Arla Plant Cyberattack Halts Operations

    Georgia’s Harbin Clinic Hit by Data Breach

    Hackers Target Swiss Reserve Power Plant

    Coinbase Insider Attack Exposed User Data

    Cyberattack Hits J Batista Group

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial