Amazon has confirmed that some employee data was compromised last year, apparently as a result of the massive MOVEit hacking campaign.
A hacker announced on the BreachForums cybercrime forum in recent days that they had obtained Amazon employee information, including names, phone numbers, email addresses, job titles, and other information related to job role.
The hacker claimed the data originated from the 2023 MOVEit hack, which involved the exploitation of a zero-day vulnerability in Progress Software’s MOVEit file transfer software to obtain sensitive information from thousands of organizations that had been using the product.
The MOVEit campaign, mostly believed to have been carried out by the Cl0p ransomware group, impacted nearly 2,800 organizations and resulted in the data of nearly 100 million individuals getting compromised.
In a statement issued on Monday, Amazon confirmed the data breach, but made some important clarifications.
The company said the data came from a third-party property management vendor — Amazon or AWS systems were not breached. Several of the third-party vendor’s customers were impacted by the incident and Amazon was one of them.
Amazon noted that only employee work contact information was exposed, such as work email addresses, desk phone numbers, and building locations, but other, more sensitive information such as Social Security numbers of financial information was not impacted.
The hacker claims the Amazon employee database has roughly 2.8 million entries, but it’s unclear how many employees are impacted.
The same hacker has also leaked data on several other major companies’ employees, including BT, McDonald’s, Lenovo, Delta Airlines, and HP. The data appears to be the result of the same MOVEit hack impacting the same real estate services company that stored Amazon employee data.
Related: Wisconsin Insurer Discloses Data Breach Impacting 950,000 Individuals
Related: Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers
Related: Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach