Amazon.com informed some customers Wednesday that their names and email addresses had been “inadvertently disclosed” as a result of a “technical error” but declined to provide further details about the security mishap.
The e-commerce giant confirmed it sent the messages, adding in a subsequent statement it had “fixed the issue.” It did not say how many of its users had been affected or where and how emails had been exposed. Amazon said its website and other systems had not been breached.
(Amazon Chief Executive Jeff Bezos owns The Washington Post.)
Amazon’s limited disclosure, days before the Black Friday and Cyber Monday holiday shopping frenzies, drew sharp criticism on social media. Among its own sellers, some took to the company’s forums to complain about Amazon’s tight-lipped handling of the matter. “Who knows what they’re not disclosing about this,” one user wrote. “Hopefully nothing …”
Others questioned Amazon after it told users there’s “no need for you to change your password or take any other action,” fearing the potential that hackers still might try to use their names and email addresses for nefarious purposes, including phishing scams.
In October, Amazon said it reportedly fired an employee who inappropriately shared customers’ emails with a third-party seller. That incident resulted in messages to customers indicating their email addresses had been exposed.
