Cyber Security News

Amazon Confirms Employee Data Breach Via Third-party Vendor

Amazon has confirmed that sensitive employee data was exposed due to a breach at a third-party vendor. The breach arose from exploiting a critical vulnerability in MOVEit, a widely used file transfer software.

The vulnerability, first reported in mid-2023 under the code CVE-2023-34362, has been linked to a massive leak of corporate information affecting multiple global companies across various industries.

The breach was discovered by a hacker operating under the alias Nam3L3ss, who posted the stolen data on a prominent cybercrime forum.

The compromised data includes extensive employee details from several major organizations, including Amazon, which was most severely impacted.

Attend a Free Webinar on How to Maximize Cybersecurity Program ROI

The breach has exposed over 2.8 million Amazon employee records, making it one of the largest data leaks of its kind. Other significant companies affected include HSBC, MetLife, and Cardinal Health.

The vulnerability in MOVEit, discovered in May 2023, allowed unauthorized parties to bypass authentication and access sensitive data transferred through the software.

Despite releasing security patches, the delay in applying these updates exposed several organizations to potential attacks.

Cybercriminals quickly weaponized this vulnerability, leading to a series of high-profile data breaches.

The data stolen during the MOVEit breach includes employee directories containing personally identifiable information (PII) such as names, email addresses, phone numbers, organizational roles, and cost center details.

These datasets, organized by company, have been circulating on underground forums, potentially opening the door to more sophisticated cyberattacks such as phishing, social engineering, and identity theft.

Companies Impacted and Scope of the Breach

According to the report from Infostealers, the leaked data includes detailed employee records from 25 major companies.

The scale of the breach is staggering, with millions of records compromised. Here’s a breakdown of some of the companies involved and the number of records exposed:

Company NameRecords Exposed
Amazon2,861,111
MetLife585,130
Cardinal Health407,437
HSBC280,693
Fidelity124,464
U.S. Bank114,076
HP104,119
Canada Post69,860
Delta Airlines57,317
Applied Materials (AMAT)53,170
Leidos52,610
Charles Schwab49,356
3M48,630
Lenovo45,522
Bristol Myers Squibb37,497
Omnicom Group37,320
TIAA23,857
Union Bank of Switzerland (UBS)20,462
Westinghouse18,193
Urban Outfitters (URBN)17,553
Rush University15,853
British Telecom (BT)15,347
Firmenich13,248
City National Bank (CNB)9,358
McDonald’s3,295
Amazon Employees Data Beach Report

The stolen data from Amazon contains sensitive employee information, including names, email addresses, phone numbers, and organizational structures.

This level of detail poses a significant risk to Amazon’s internal security as it could be used for targeted phishing and corporate espionage. Similarly, HSBC’s dataset includes information on its global workforce, listing employees across multiple countries and divisions.

Snippet from the data related to Amazon.com containing entries for over 2,500,000 Amazon employees

Snippet from the data related to Amazon.com containing entries for over 2,500,000 Amazon employees

The hacker Nam3L3ss posted a public message along with the data, warning companies to “pay attention” to the significance of the breach.

The hacker emphasized that many of the exposed datasets include internal organizational structures, which could be exploited for malicious purposes. The breach raises several key risks for the affected companies and their employees:

  • Phishing and Social Engineering: With detailed contact information, cybercriminals can craft compelling phishing attacks aimed at individuals and companies.
  • Corporate Espionage: Access to internal organizational structures provides insights into company operations, which competitors or malicious entities could exploit.
  • Reputational Damage: High-profile companies like Amazon and HSBC may face long-term reputational harm as customers and stakeholders question their data security practices.
  • Financial Theft and Fraud: Due to the nature of the exposed data, companies in sectors such as finance and healthcare, including Cardinal Health and UBS, are at heightened risk of financial fraud and theft.

Amazon has stated that it is working closely with cybersecurity experts to investigate the full extent of the breach and implement additional security measures to safeguard its employees’ data.

However, the true impact of this breach may unfold in the coming months as the compromised data continues to circulate in cybercriminal forums.

Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Google Announces Vanir, A Open-Source Security Patch Validation Tool

Google has officially launched Vanir, an open-source security patch validation tool designed to streamline and automate…

5 hours ago

New Transaction-Relay Jamming Vulnerability Let Attackers Exploits Bitcoin Nodes

A newly disclosed transaction-relay jamming vulnerability has raised concerns about the security of Bitcoin nodes,…

6 hours ago

Raspberry Pi 500 & Monitor, Complete Desktop Setup at $190

Raspberry Pi, a pioneer in affordable and programmable computing, has once again elevated its game…

7 hours ago

Qlik Sense for Windows Vulnerability Allows Remote Code Execution

Qlik has identified critical vulnerabilities in its Qlik Sense Enterprise for Windows software that could…

9 hours ago

QNAP High Severity Vulnerabilities Let Remote attackers to Compromise System

QNAP Systems, Inc. has identified multiple high-severity vulnerabilities in its operating systems, potentially allowing attackers…

11 hours ago

Healthcare Security Strategies for 2025

Imagine this: It's a typical Tuesday morning in a bustling hospital. Doctors make their rounds,…

11 hours ago