Excerpt from The Register Article, Published on Nov 12, 2024.
In a significant data leak tied to the notorious MOVEit vulnerability, personal contact details of Amazon employees have been exposed on a cybercrime forum. Cybersecurity intelligence company Hudson Rock recently confirmed the leak, which includes data on over 2.86 million Amazon records out of more than 5 million total exposed entries.
While Amazon and Amazon Web Services (AWS) systems were not directly breached, a vendor providing property management services to the tech giant experienced a security incident, impacting Amazon’s employee directory information. According to an Amazon spokesperson, “Amazon and AWS systems remain secure, and we have not experienced a security event,” confirming that the only data compromised involved employee contact details like work emails, desk phone numbers, and building locations.
The root of the leak traces back to a critical vulnerability, CVE-2023-34362, identified in mid-2023 within the file transfer software MOVEit. The flaw allowed unauthorized access to sensitive data, making it one of the most severe corporate data leaks of the past year, according to Hudson Rock. The leaked directories reportedly contain detailed information, including employees’ names, email addresses, phone numbers, cost center codes, and even some organizational structures. Experts warn that this level of access could lead to increased risks of social engineering and other cyber threats targeting affected employees.
A cybercriminal known as Nam3L3ss has since auctioned portions of the data on BreachForums, claiming to possess “1,000 releases coming never seen before.” Although claiming not to be a hacker, the involvement of this data dealer suggests the information may have originally been breached by the Cl0p ransomware group, which exploited MOVEit vulnerabilities to target numerous organizations worldwide, including HP, Applied Materials, 3M, and British Telecom.
As companies grapple with the ripple effects of the MOVEit vulnerability, this leak highlights ongoing security challenges, emphasizing the need for robust, proactive cybersecurity practices across supply chains.
To delve deeper into this topic, please read the full article The Register.
