Amazon has confirmed that sensitive employee data was exposed due to a breach at a third-party vendor. The breach arose from exploiting a critical vulnerability in MOVEit, a widely used file transfer software.
The vulnerability, first reported in mid-2023 under the code CVE-2023-34362, has been linked to a massive leak of corporate information affecting multiple global companies across various industries.
The breach was discovered by a hacker operating under the alias Nam3L3ss, who posted the stolen data on a prominent cybercrime forum.
The compromised data includes extensive employee details from several major organizations, including Amazon, which was most severely impacted.
Attend a Free Webinar on How to Maximize Cybersecurity Program ROI
The breach has exposed over 2.8 million Amazon employee records, making it one of the largest data leaks of its kind. Other significant companies affected include HSBC, MetLife, and Cardinal Health.
The vulnerability in MOVEit, discovered in May 2023, allowed unauthorized parties to bypass authentication and access sensitive data transferred through the software.
Despite releasing security patches, the delay in applying these updates exposed several organizations to potential attacks.
Cybercriminals quickly weaponized this vulnerability, leading to a series of high-profile data breaches.
The data stolen during the MOVEit breach includes employee directories containing personally identifiable information (PII) such as names, email addresses, phone numbers, organizational roles, and cost center details.
These datasets, organized by company, have been circulating on underground forums, potentially opening the door to more sophisticated cyberattacks such as phishing, social engineering, and identity theft.
According to the report from Infostealers, the leaked data includes detailed employee records from 25 major companies.
The scale of the breach is staggering, with millions of records compromised. Here’s a breakdown of some of the companies involved and the number of records exposed:
Company Name | Records Exposed |
Amazon | 2,861,111 |
MetLife | 585,130 |
Cardinal Health | 407,437 |
HSBC | 280,693 |
Fidelity | 124,464 |
U.S. Bank | 114,076 |
HP | 104,119 |
Canada Post | 69,860 |
Delta Airlines | 57,317 |
Applied Materials (AMAT) | 53,170 |
Leidos | 52,610 |
Charles Schwab | 49,356 |
3M | 48,630 |
Lenovo | 45,522 |
Bristol Myers Squibb | 37,497 |
Omnicom Group | 37,320 |
TIAA | 23,857 |
Union Bank of Switzerland (UBS) | 20,462 |
Westinghouse | 18,193 |
Urban Outfitters (URBN) | 17,553 |
Rush University | 15,853 |
British Telecom (BT) | 15,347 |
Firmenich | 13,248 |
City National Bank (CNB) | 9,358 |
McDonald’s | 3,295 |
The stolen data from Amazon contains sensitive employee information, including names, email addresses, phone numbers, and organizational structures.
This level of detail poses a significant risk to Amazon’s internal security as it could be used for targeted phishing and corporate espionage. Similarly, HSBC’s dataset includes information on its global workforce, listing employees across multiple countries and divisions.
Snippet from the data related to Amazon.com containing entries for over 2,500,000 Amazon employees
The hacker Nam3L3ss posted a public message along with the data, warning companies to “pay attention” to the significance of the breach.
The hacker emphasized that many of the exposed datasets include internal organizational structures, which could be exploited for malicious purposes. The breach raises several key risks for the affected companies and their employees:
Amazon has stated that it is working closely with cybersecurity experts to investigate the full extent of the breach and implement additional security measures to safeguard its employees’ data.
However, the true impact of this breach may unfold in the coming months as the compromised data continues to circulate in cybercriminal forums.
Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!
Google has officially launched Vanir, an open-source security patch validation tool designed to streamline and automate…
A newly disclosed transaction-relay jamming vulnerability has raised concerns about the security of Bitcoin nodes,…
Raspberry Pi, a pioneer in affordable and programmable computing, has once again elevated its game…
Qlik has identified critical vulnerabilities in its Qlik Sense Enterprise for Windows software that could…
QNAP Systems, Inc. has identified multiple high-severity vulnerabilities in its operating systems, potentially allowing attackers…
Imagine this: It's a typical Tuesday morning in a bustling hospital. Doctors make their rounds,…