HomeData BreachAmazon confirms worker data breach after vendor hack

Amazon confirms worker data breach after vendor hack

Amazon confirmed a data breach involving worker data after information allegedly stolen through the Might 2023 MOVEit assaults was leaked on a hacking discussion board.

The risk actor behind this information leak, generally known as Nam3L3ss, printed over 2.8 million traces of Amazon worker information, together with names, contact data, constructing areas, e mail addresses, and extra.

Amazon spokesperson Adam Montgomery confirmed Nam3L3ss’ claims, including that this information was stolen from programs belonging to a third-party service supplier.

“Amazon and AWS programs stay safe, and we now have not skilled a security occasion. We had been notified a couple of security occasion at considered one of our property administration distributors that impacted a number of of its prospects together with Amazon,” Montgomery stated.

“The one Amazon data concerned was worker work contact data, for instance work e mail addresses, desk cellphone numbers, and constructing areas.”

The corporate stated the breached vendor solely had entry to worker contact data, and the attackers did not entry or steal delicate worker data like Social Safety numbers, authorities identification, or monetary data. Amazon added that the seller has since patched the security vulnerability used within the assault.

Amazon employee data for sale
Amazon worker information on the market (BleepingComputer)

Nam3L3ss has additionally leaked the information from twenty-five different corporations. Nevertheless, they are saying among the information was obtained from different sources, together with ransom gangs’ leak websites and uncovered AWS and Azure buckers.

See also  Ohio Lottery ransomware assault impacts over 538,000 people

“I obtain whole databases from uncovered internet sources together with mysql, postgres, SQL Server databases and backups, azure databases and backups and so on after which convert them to csv or different format,” they stated.

“DO NOT ask me for entry to my storage and so on, at current I’ve nicely over 250TB of archived database information and so on.”

The listing of corporations whose information was stolen in MOVEit assaults or harvested from Web-exposed sources and has now been leaked on the hacking discussion board contains Lenovo, HP, TIAA, Schwab, HSBC, Delta, McDonald’s, and Metlife, amongst others (as proven within the desk under).

BleepingComputer has contacted a number of corporations and can replace this text when further data is out there.

Firm Date Stolen Variety of Staff
Lenovo 2023-05 45,522
McDonald’s 2023-05 3,295
HP 2023-05 104,119
Metropolis Nationwide Financial institution 2023-05 9,358
BT 2023-05 15,347
dsm-firmenich 2023-05 13,248
Rush College 2023-05 15,853
URBN 2023-05 17,553
Westinghouse 2023-05 18,193
UBS 2023-05 20,462
TIAA 2023-05 23,857
OmnicomGroup 2023-05 37,320
Bristol-Myers Squibb 2023-05 37,497
3M 2023-05 48,630
Schwab 2023-05 49,356
Leidos 2023-05 52,610
Canada Put up 2023-05 69,860
Amazon 2023-05 2,861,111
Delta 2023-05 57,317
Utilized Supplies 2023-05 53,170
Cardinal Well being 2023-05 407,437
US Financial institution 2023-05 114,076
fmr.com 2023-05 124,464
HSBC 2023-05 280,693
MetLife 2023-05 585,130
See also  New York Occasions warns freelancers of GitHub repo data breach

The MOVEit data-theft assaults

The Clop ransomware gang was behind a wave of information theft assaults beginning on Might 27, 2023. Whereas the risk actor has stated that the information was collected from numerous sources, the date of Might 30, 2023, coincides with the MOVEit information theft assaults that occurred over the lengthy US Memorial Day vacation.

The information leaked for every of the twenty-five corporations is comparable, so it’s believed that the information was stolen from a single vendor throughout these assaults and has now been launched as separate information units for the impacted prospects.

The information-theft assaults leveraged a zero-day security flaw within the MOVEit Switch safe file switch platform, a managed file switch (MFT) answer utilized in enterprise environments to securely switch information between enterprise companions and prospects.

The cybercrime gang started extorting victims in June 2023, exposing their names on the group’s darkish internet leak web site.

The fallout from these assaults impacted a whole lot of organizations worldwide, with tens of hundreds of thousands of individuals having their information stolen and utilized in extortion schemes or leaked on-line since then

See also  China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Programs Globally

A number of U.S. federal companies and two U.S. Division of Power (DOE) entities have additionally been focused and breached in these assaults

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular