<- Back to Insights
November 13, 2024
Amazon Data Breach Exposes 2.8 Million Employee Records Amid MOVEit Vulnerability
Forbes
|
Contributed by: Drex DeFord
Summary
Amazon has confirmed a significant data breach involving 2.8 million lines of employee data, attributed to a vulnerability in the MOVEit Transfer software used by a third-party property management vendor. The breach, disclosed by a cybercriminal known as "Nam3L3ss," highlights ongoing security risks in supply chain relationships, particularly due to weaknesses in third-party systems. The vulnerability, CVE-2023-34362, permitted unauthorized access via a SQL injection flaw. Nam3L3ss has published Amazon's employee data on BreachForums and claims to possess large amounts of data from various organizations, raising concerns about future disclosures. Compromised information includes employee work contact details, although Amazon maintains that its primary systems, including AWS, remain secure.

Explore Related Topics