Amazon Confirms Data Breach, MOVEit Strikes Again • The Register

Amazon employees' data is part of a stolen trove published on a cybercrime forum linked to last year's MOVEit vulnerability.

“Amazon and AWS systems remain secure and we have not experienced a security event,” a spokesperson said The Register. “We were notified of a security incident at one of our property management providers that affected several of its customers, including Amazon. The only Amazon information involved was employee business contact information, such as work email addresses, desk phone numbers, and building locations.”

The stolen data was noted by cybercrime intelligence firm Hudson Rock, which detailed that it was related to CVE-2023-34362, a critical vulnerability discovered in mid-2023 in file transfer software MOVEit. The CVE allowed hackers to bypass authentication to access the data.

Hudson Rock called the CVE “one of the largest leaks of corporate information in the last year.”

“The directories contain detailed employee information, including names, email addresses, phone numbers, cost center codes and, in some cases, entire organizational structures,” it says.

This level of detail, the company said, could open doors to social engineering and other security threats.

Although many companies were listed as affected, including HP, Applied Materials, 3M, Lenovo, British Telecom and more, Amazon was named as the company with the most exposed records – over 2.86 million of the more than 5 million records.

Some of this data is auctioned and/or distributed by a character named Nam3L3ss on BreachForums.

“I have 1,000 releases coming up that have never been seen before,” Nam3L3ss reportedly told Hudson Rock. In communications with the security company, Nam3L3ss stated that it was not a hacker.

This may be because the MOVEit vulnerability was originally identified as having been hacked by the Cl0p ransomware group, although the data now offered by Nam3L3ss on BreachForums was not involved in a previous leak. ®