Online shopping behemoth Amazon shocked many customers Wednesday -- just hours ahead of its big Black Friday sale -- with news of a personal information leak.
The company revealed customers' names and email addresses were exposed due to a technical error. Many reports suggested this was a hack of Amazon's customer data, but a technical error is far from an intentional "data breach," which would insinuate Amazon fell victim to hacking.
Instead, this sounds more like an internal error by Amazon that led to the information being leaked unintentionally, although the company has not released any more details on the issue.
Here's what the email from Amazon looks like:
Email subject: Important Information about your Amazon.com Account
We’re contacting you to let you know that our website inadvertently disclosed your email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.
Sincerely, Customer Service
Many customers who received the email thought it may be some kind of email phishing scam due to its vagueness and brevity. Computer security expert Graham Cluley took to Twitter to blast Amazon for the lack of information.
"Amazon warns customers it leaked their names and email addresses. What aren't you telling us Amazon, and why?" Cluley wrote.
Amazon warns customers it leaked their names and email addresses. What aren't you telling us Amazon, and why? https://t.co/64p2OACVQm pic.twitter.com/XZ1j0Mr2c9 — Graham Cluley (@gcluley) November 21, 2018
English-based newspaper The Register reports Amazon’s UK press office explained this was "an inadvertent technical error and that they emailed customers from an abundance of caution."
Why Amazon felt the need to send the brief email to customers right before the big Black Friday sale remains unknown. The backlash on Twitter has been heavy:
When are companies like @Amazon going to realize how to write a proper breach letter? Once again this sounds scammy as shit and has a completely unnecessary link at the bottom. pic.twitter.com/va4i8ak1HW — Drew Alden - Looking for Work! (@ReanimationXP) November 21, 2018
Today many @amazon customers (including me) got this very VERY weird legit mail. For a zillion dollar company, the worst way to communicate a data breach #infosec https://t.co/h9NjgSLKda — bert boerland (@bertboerland) November 21, 2018
Copyright 2018 by WDIV ClickOnDetroit - All rights reserved.