OK, so technically and strictly speaking, from the information we have at the moment, this wasn’t really a data breach.
The e-Commerce and tech giant suffered a breach of sorts when they accidentally published customer names and email addresses on its own website, two days ahead of one of their biggest days of the year – Black Friday.
They confirmed that the issue was not a breach of either its website or any systems, but a technical issue that posted the names. So, like I said, not really a breach, but still alarming nonetheless.
Amazon sent an email to anyone affected stating that their data was fine and no further steps needed to be taken. Probably not the best advice seeing as personal details were strewn over the internet; Richard Walters, CTO of CensorNet, has suggested that anyone affected by the breach (AKA if you’ve received an email from Amazon about the situation) should be changing their password anyway.
Amazon weren't the first tech giant to announce news which involved sensitive data of customers in recent times, with Facebook also admitting to a data breach in the last couple of months.
The incident came at the worst possible time for Amazon with billions to be spent on Black Friday 2018, going further into the weekend and into Cyber Monday.
UK data regulator, the Information Commissioner's Office (ICO), has been following the situation after Amazon reported the incident as a data breach as part of the GDPR European Directive, which was introduced in May 2018.
Amazon have behaved suspiciously, though. They have declined to give any further details about how users may have been affected.