Amazon has confirmed that some employee data was accessed last year, presumably as part of the huge MOVEit hacking campaign. A hacker recently revealed on the BreachForums cybercrime forum that they had stolen Amazon employee information, such as names, phone numbers, email addresses, job titles, and other job-related information.
The hacker claimed the data came from the 2023 MOVEit attack, which entailed exploiting a zero-day vulnerability in Progress Software’s MOVEit file transfer software to gather sensitive information from thousands of organisations that had used the program.
The MOVEit campaign, which is widely thought to have been carried out by the Cl0p ransomware group, impacted about 2,800 organisations and compromised the data of approximately 100 million people.
Amazon confirmed the data theft in a statement released earlier this week, but added several important details. According to the firm, the data was obtained via a third-party property management vendor; neither Amazon or AWS systems were compromised.
<
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: