Recently, one or more Amazon employees disclosed customer email addresses to an unknown third party, prompting Amazon to send a notification email out to impacted customers which reads as follows:
“We are writing to let you know that your e-mail address was disclosed by an Amazon employee to a third-party in violation of our policies. As a result, we have fired the employee, referred them to law enforcement, and are supporting law enforcement’s criminal prosecution.”
“No other information related to your account was shared. This is not a result of anything you have done and there is no need for you to take any action. We apologize for this incident.”
While we applaud the quick, decisive action on Amazon’s part, the email they sent out is almost annoyingly short on details. When did this happen? How did it happen? Who were the email addresses disclosed to? How large was the breach? We don’t know. We don’t have answers to any of those questions and we probably should.
If there’s a silver lining here, it lies in the fact that there’s nothing for you to do, and nothing was passed onto the unknown third party, other than your email address. Even so, it means that over the next span of weeks, you should be on high alert for phishing emails and you’re almost certain to receive at least a few unwanted marketing-oriented emails if you received a copy of Amazon’s notification.
Unfortunately, that’s all the information we have, and given that, we can’t rate Amazon’s response to the incident highly at this point. A company as big and seasoned as Amazon should know better and be more adept at handling the fallout from these kinds of issues, so we’re a shade disappointed in them.
In any case, if you didn’t get a copy of the email mentioned above, your information apparently wasn’t passed on. In either case, there’s nothing to be done except to be on your guard.