fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Amazon Sacks Insiders Over Data Leak, Alerts Customers

Amazon Sacks Insiders Over Data Leak, Alerts Customers

Amazon has recently terminated employees responsible for leaking customer data, including their email addresses, to an unaffiliated third-party in violation of company policies.

The company has sent out an email announcement to affected customers following the incident.

Affected Amazon customers confused

Over the weekend, reports emerged on Twitter of multiple Amazon customers perplexed by the email alerts being sent out by the company describing the data leak.

The key concern was if this was an isolated incident targeting the particular customer who had received the email or had other customers been affected too.

“Did anyone else get a weird email from Amazon about this data breach or was I just targeted solo?” tweeted entrepreneur Zain Jaffer.

Twitter: Customers receive amazon breach emails
Customers confused over emails sent by Amazon related to the incident
Source: Twitter

Another user, Routinely Rateled questioned Amazon’s Help account out of concern.

Also Read: 10 Principles On How To Build A Good Governance Model

Another customer unsure if the data leak impacts multiple users
Another customer threw multiple questions at Amazon
Source: Twitter

Their tweet implies customers around the world may have been victims of the data leak:

“So, what I’m trying to find out is: Is it just my email address that’s been disclosed? Has Amazon had a more general data breach – and have you notified relevant UK authorities? Why is the Canadian branch notifying a UK account holder?”

Whereas, Twitter user Lily expressed their frustration over the incident alleging Amazon of selling user data.

In the email notification sent out by Amazon and observed by BleepingComputer, the company’s response is rather brief with regards to the incident:

“We are writing to let you know that your e-mail address was disclosed by an Amazon employee to a third-party in violation of our policies. As a result, we have fired the employee, referred them to law enforcement, and are supporting law enforcement’s criminal prosecution.”

“No other information related to your account was shared. This is not a result of anything you have done and there is no need for you to take any action. We apologize for this incident.”

Amazon fires employee email
Email notifications being sent to some Amazon customers after the incident

Although the email notification pins blame for the incident on “an Amazon employee,” a company statement shared by Motherboard implies multiple insiders could be to blame:

“The individuals responsible for this incident have been fired. We have referred the bad actors to law enforcement and are supporting their criminal prosecution,” said an Amazon spokesperson.

Also Read: The Importance Of DPIA And Its 3 Types Of Processing

The company did not answer how many customers were impacted.

Insider threats, not all of which may be malicious, continue to pose a risk to tech organizations.

Just last month, as reported by BleepingComputer, Shopify had suffered from a data breach impacting 200 merchants, because of some company team members going “rogue.” 

August this year, a Russian national tried to recruit a Tesla subsidiary employee in an extortion effort, “to convince him to deploy an unknown malware strain on the company’s computer network.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us