Amazon has confirmed that employee data was compromised due to a security breach at a third-party vendor linked to the infamous MOVEit Transfer vulnerability. This breach, which targeted Progress Software’s file-transfer system, has been described as the largest cyberattack of 2023, affecting over 1,000 organizations worldwide.
The Scope of the Breach
According to Amazon spokesperson Adam Montgomery, the breach involved employee work contact information, such as:
- Work email addresses
- Desk phone numbers
- Building locations
Sensitive data, including Social Security numbers and financial information, were not compromised. Montgomery assured that Amazon’s and AWS systems remain secure, emphasizing that the incident was limited to a third-party property management vendor. The vendor has since addressed the security vulnerability responsible for the breach.
Amazon has not disclosed how many employees were affected.
Hacker Claims Massive Data Cache
A threat actor using the alias “Nam3L3ss” claimed responsibility for publishing data stolen from Amazon on the hacking forum BreachForums. The individual alleges possession of over 2.8 million lines of data and boasts about having 1,000 unreleased data caches. This data reportedly includes information from 25 major organizations, as per cybersecurity firm Hudson Rock.
The MOVEit exploit is linked to the Clop ransomware gang, which has targeted organizations worldwide, including:
- Oregon Department of Transportation (3.5 million records)
- Colorado Department of Health Care Policy and Financing (4 million records)
- Maximus, a U.S. government contractor (11 million records)
MOVEit Vulnerability: A Global Threat
The MOVEit Transfer breach exploited a zero-day vulnerability in Progress Software’s file-transfer software, enabling attackers to steal sensitive data from organizations globally. This breach, described as unprecedented in scale, has raised questions about the security of third-party software dependencies.
Amazon’s Response and Implications
While Amazon’s core systems remain unaffected, the incident underscores the risks posed by third-party vulnerabilities. As large corporations increasingly rely on external vendors, the potential for indirect security risks grows.
This breach also highlights the importance of ongoing vigilance in cybersecurity, particularly as hackers like “Nam3L3ss” threaten further data leaks. Organizations impacted by the MOVEit breach face reputational damage and potential legal consequences, with experts calling for enhanced security protocols and closer scrutiny of third-party partners.
The MOVEit incident serves as a stark reminder of the need for robust, proactive cybersecurity measures in an increasingly interconnected world.
