Cyber Crime
Amazon Confirms Data Breach Affecting Employee Information
Amazon has confirmed a data breach involving employee information. The incident stems from the widespread MOVEit data transfer tool hack that occurred in May 2023.
A threat actor known as Nam3L3ss leaked over 2.8 million lines of Amazon employee data, including names, contact information, building locations, and email addresses. However, the company clarified that sensitive information like Social Security numbers, government IDs, and financial details were not compromised.
Amazon spokesperson Adam Montgomery explained that the data breach originated from a third-party service provider responsible for property management. The vendor’s systems were exploited, granting unauthorized access to employee contact information.
The leaked data also includes information from several other prominent companies, including Lenovo, HP, TIAA, Schwab, HSBC, Delta, McDonald’s, and Metlife. Some of this data was allegedly obtained through various methods, such as hacking exposed databases and accessing ransom gang leak sites.
ALSO READ: Nominations Open for ‘Women in Cyber’ Honors at FutureCrime Summit 2025
The incident underscores the growing threat of cyberattacks and the importance of robust security measures, especially for organizations that rely on third-party service providers.