Tech giant Amazon has confirmed that employee information was exposed in a data breach stemming from the May 2023 MOVEit attacks. The incident occurred through a third-party property management vendor that handles services for multiple clients, including Amazon.
According to reports, over 2.8 million records containing Amazon employee data appeared on BreachForums, a known hacking platform. A threat actor operating under the name "Nam3L3ss" claimed responsibility for leaking the information.
The compromised data includes work-related details such as employee names, work email addresses, desk phone numbers, building locations, and contact information. Amazon spokesperson Adam Montgomery clarified that sensitive data like Social Security numbers and financial information remained secure.
"Amazon and AWS systems remain secure, and we have not experienced a security event," Montgomery stated, emphasizing that the breach occurred through their vendor's systems rather than Amazon's infrastructure.
The company has addressed the security vulnerability that allowed the unauthorized access. However, Amazon has not disclosed the exact number of employees affected by this incident.
Security researchers at Hudson Rock noted that Nam3L3ss also claimed to have obtained data from 25 other major organizations. While the MOVEit vulnerability has been previously linked to the CL0P Ransomware group, researchers are still working to determine whether this specific incident connects to CL0P, its affiliates, or represents an independent attack by Nam3L3ss.
This breach adds Amazon to a growing list of organizations impacted by the MOVEit attacks, highlighting ongoing challenges in securing third-party vendor relationships and protecting sensitive data.