Amazon discloses employee data breach after May 2023 MOVEit attacks

Published on 20 Dec 2024

Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. The company said that the data was stolen from a third-party vendor.

Amazon did not disclose the number of impacted employees.

A threat actor using the handle Nam3L3ss leaked over 2.8 million records containing employee data on the hacking forum BreachForums.
Compromised data includes names, contact information, building locations, email addresses, and more. Exposed data did not include Social Security numbers or financial information.

“Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations,” Amazon spokesperson Adam Montgomery told TechCrunch.

Researchers from cybersecurity company Hudson Rock, reported that “Nam3L3ss” also claimed the leak of data allegedly stolen from 25 major organizations.

“MOVEit was previously known to have been exploited by CL0P Ransomware group, and while a lot of companies were tied to the exploit, companies in this specific breach such as Amazon, Mcdonald’s and others were not.” reads the report published by Hudson Rock. “Researchers can’t yet confirm whether the data came from CL0P, affiliates of it, or whether Nam3L3ss exploited these companies on their own.”
The multinational technology company confirmed that it has patched the vulnerability explored by the threat actors in the attack.