Amazon Employee Data Compromised in MOVEit Breach

The data leak was not actually due to a breach in Amazon's systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well.

Dark Reading Staff, Dark Reading

November 12, 2024

2 Min Read
Amazon.com website viewed on an iPad
Source: Ian Dagnall via Alamy Stock Photo

Amazon has confirmed that its employees' data was exposed on a cybercrime forum due to the now-infamous MOVEit vulnerability.

The vulnerability, tracked as CVE-2023-34362, was discovered last year in the MOVEit file transfer software. The flaw allows hackers to bypass authentication on unpatched systems in order to access files, and it has affected thousands of organizations to date.

An Amazon spokesperson said that Amazon and AWS systems are secure and that its systems have not experienced a security breach. The "security event" actually occurred at a third-party property-management vendor, and several other customers it worked with in addition to Amazon were also affected, the person said. The type of compromised information includes work email addresses, desk phone numbers, and building locations.

"Amazon's recent data breach, traced back to a third-party vendor's use of the MOVEit tool, is another wake-up call for the supply chain's hidden vulnerabilities," Ferhat Dikbiyik, chief research and intelligence officer at Black Kite, wrote in an emailed statement to Dark Reading. "The MOVEit flaw initially hit hundreds, but the shockwave extended across 2,700+ organizations as the ripple effects reached third- and even fourth-party vendors. We've identified over 600 MOVEit servers that were likely caught in this 'spray' attack — leaving a vast field of potential targets."

Cybercrime intelligence company Hudson Rock referred to the fallout of the bug as one of the most substantial leaks of corporate information last year; and authors of the "Verizon Data Breach Investigation Report (DBIR)" in February noted that breaches attributable to MOVEit were so numerous that they skewed its statistics for the year.

Don't miss the upcoming free Dark Reading Virtual Event, "Know Your Enemy: Understanding Cybercriminals and Nation-State Threat Actors," Nov. 14 at 11 a.m. ET. Don't miss sessions on understanding MITRE ATT&CK, using proactive security as a weapon, and a masterclass in incident response; and a host of top speakers like Larry Larsen from the Navy Credit Federal Union, former Kaspersky Lab analyst Costin Raiu, Ben Read of Mandiant Intelligence, Rob Lee from SANS, and Elvia Finalle from Omdia. Register now!

About the Author

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Pegasus Spyware concept with binary code background
Endpoint Security
WhatsApp: NSO Group Operates Pegasus Spyware for CustomersWhatsApp: NSO Group Operates Pegasus Spyware for Customers
byJai Vijayan, Contributing Writer
Nov 18, 2024
4 Min Read
Laptop with Palo Alto networks logo
Cyberattacks & Data Breaches
Palo Alto Networks Patches Critical Zero-Day Firewall BugPalo Alto Networks Patches Critical Zero-Day Firewall Bug
byBecky Bracken, Senior Editor, Dark Reading
Nov 18, 2024
3 Min Read
ChatGPT, typed out on a screen
Сloud Security
ChatGPT Exposes Its Instructions, Knowledge & OS FilesChatGPT Exposes Its Instructions, Knowledge & OS Files
byNate Nelson, Contributing Writer
Nov 15, 2024
4 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Events
More Events