The Wall Street Journal reports that Amazon employees have been bribed to leak corporate data – such as sales metrics and the personal details of reviewers – to sellers:
In exchange for payments ranging from roughly $80 to more than $2,000, brokers for Amazon employees in Shenzhen are offering internal sales metrics and reviewers’ email addresses, as well as a service to delete negative reviews and restore banned Amazon accounts, the people said.
Amazon is investigating a number of cases involving employees, including some in the U.S., suspected of accepting these bribes, according to people familiar with the matter.
According to the WSJ, Amazon has confirmed that it is investigating the claims – and any staff found behaving inappropriately could face termination and potential legal action.
This story is a good reminder for all of us that not all data leaks occur because a hacker has managed to find a way to breach your network security.
Often the biggest problem is not the threat of external hackers, but rather internal staff to whom you have granted access to sensitive data and who might be tempted to exploit it for financial gain.
For more discussion on this issue, make sure to listen to this episode of the “Smashing Security” podcast:
Smashing Security #096: 'Bribing Amazon staff, and blinking deepfakes'
6 comments on “Amazon staff said to be taking bribes to leak data”
Is your story credible or gossip for attention? I saw a news story related to the leak of Amazon's security info. I called Amazon to find out if my account was involved and was switched to a USA supervisor upon my decision not to talk to an offshore rep located god knows where. They referred me to their P-R dept at [email protected]; no direct phone calls, only emails accepted. How do I get this issue in more detail?
None of the media reports I have read about this (including the original report in the Wall Street Journal – which I link to in the above article) have made any mention of customer accounts being at risk.
If you represent a company that sells goods via Amazon and you're concerned that you might have a seller's account that has, for instance, had its sales metrics snaffled by a competitor then I suggest you contact your Amazon account manager.
Most companies today suffer more problems with any aspect of IT from the security team to developers. Let's look at Google: have you ever seen more Oompa-Loompas within a company destroy its own program? Look no further than Google.
Had an issue relative to this where reviews I did not write were confirmed from my account. No way anyone could have obtained my password and used it so I figure account access was somehow compromised by someone within Amazon directly. I complained over the phone and they confirmed someone would follow up but we never got an answer. I am honestly considering starting a class action lawsuit. Hope these issues get fixed.
I have had the same experience as Amazon User – a number of Amazon reviews I did NOT write for goods I did NOT buy were posted within the last couple of weeks, apparently by me from my email account. I was alerted when I received emails about them. Subsequently, I'm finding my access to Amazon.com is compromised – I cannot sign in to my account and the password keeps being changed by someone in the US. I do NOT live in the US. My country's Amazon account is also affected. So far, Amazon have not helped me by removing details which are NOT mine from the account(s) and preventing access by this other entity. I will be exploring other options.
I just got an email from Amazon:
We’re contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.
And that is it. No other info. I traced the header and it shows it came from Amazon. (https://aws.amazon.com/ses/)
I know for a fact my Amazon account information was stolen 2 years ago because I use a unique email address for only Amazon. When that happened I changed that email address to a new unique email address, just for Amazon, and this email was sent to that address.