SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Amazon Employee Data Leaked by Hacker

Amazon has confirmed that some employee data was compromised as a result of a MOVEit hack last year.
Amazon

Amazon has confirmed that some employee data was compromised last year, apparently as a result of the massive MOVEit hacking campaign.

A hacker announced on the BreachForums cybercrime forum in recent days that they had obtained Amazon employee information, including names, phone numbers, email addresses,  job titles, and other information related to job role. 

The hacker claimed the data originated from the 2023 MOVEit hack, which involved the exploitation of a zero-day vulnerability in Progress Software’s MOVEit file transfer software to obtain sensitive information from thousands of organizations that had been using the product.

The MOVEit campaign, mostly believed to have been carried out by the Cl0p ransomware group, impacted nearly 2,800 organizations and resulted in the data of nearly 100 million individuals getting compromised. 

In a statement issued on Monday, Amazon confirmed the data breach, but made some important clarifications. 

The company said the data came from a third-party property management vendor — Amazon or AWS systems were not breached. Several of the third-party vendor’s customers were impacted by the incident and Amazon was one of them.

Advertisement. Scroll to continue reading.

Amazon noted that only employee work contact information was exposed, such as work email addresses, desk phone numbers, and building locations, but other, more sensitive information such as Social Security numbers of financial information was not impacted.

The hacker claims the Amazon employee database has roughly 2.8 million entries, but it’s unclear how many employees are impacted. 

The same hacker has also leaked data on several other major companies’ employees, including BT, McDonald’s, Lenovo, Delta Airlines, and HP. The data appears to be the result of the same MOVEit hack impacting the same real estate services company that stored Amazon employee data. 

Related: Wisconsin Insurer Discloses Data Breach Impacting 950,000 Individuals

Related: Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers

Related: Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: A Step-by-Step Approach to AI Governance
April 28, 2026

With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment.

Register

Virtual Event: Threat Detection and Incident Response Summit
May 20, 2026

Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.

Register

People on the Move

Chris Sistrunk has been promoted to Practice Leader for Mandiant's OT Security Consulting.

Nudge Security has appointed Patrick Dillon as its Chief Revenue Officer.

AutoNation has appointed Brian Fricke as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.