Amazon is sending out emails to some users in order to inform them that it accidentally leaked their names and email addresses due to a “technical error.” The information was publicly available on its website for some time before it addressed the matter. The email that Amazon has sent out is very short and does not provide any additional details.
The email doesn’t mention what caused this technical error and Amazon hasn’t even revealed how many users were affected by this. The only way that users can get to know if their details were revealed in this error is if they get that email from Amazon.
The company does mention in the email that it has fixed the error and that users don’t have to change their passwords. This doesn’t change the fact that the information was publicly revealed and hence they’re at risk of phishing attacks.
Amazon further said that neither its website or systems were breached. It added that it has “fixed the issue and informed customers who may have been impacted.” While the company isn’t saying how many users were affected, Twitter has reports from users across Europe and the United States saying that they have received this email.
Amazon's legit been sending out notices saying sorry we exposed your email address. Seems likely related to this https://t.co/21cRB2dHTk… Besides the brevity, what's giving people pause is they sign the email https://t.co/KDiteRFaeR Why cap the "a" and why no https://? Strange pic.twitter.com/mwty3GmCN1
— briankrebs (@briankrebs) November 21, 2018