Article Details
Scrape Timestamp (UTC): 2024-11-12 13:35:26.770
Source: https://www.theregister.com/2024/11/12/amazon_moveit_breach/
Original Article Text
Amazon confirms employee data exposed in leak linked to MOVEit vulnerability.
Over 5 million records from 25 organizations posted to black hat forum.

Amazon employees' data is part of a stolen trove posted to a cybercrime forum linked to last year's MOVEit vulnerability.

"Amazon and AWS systems remain secure, and we have not experienced a security event," a spokesperson told The Register. "We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations."

The stolen data was noted by cybercrime intelligence company Hudson Rock, which detailed that it was related to CVE-2023-34362, a critical vulnerability discovered mid-2023 in file transfer software MOVEit. The CVE allowed hackers to bypass authentication to access the data. Hudson Rock referred to the CVE as "one of the most substantial leaks of corporate information last year."

"The directories contain detailed employee information, including names, email addresses, phone numbers, cost center codes, and, in some cases, entire organizational structures," it wrote. That level of detail, claimed the firm, could open doors for social engineering and other security threats.

Although many companies were listed as being affected, including HP, Applied Materials, 3M, Lenovo, British Telecom, and more, Amazon was named as having the most exposed records – over 2.86 million of the more than 5 million records.

Some of that data is being auctioned and/or distributed by a character going by Nam3L3ss on BreachForums. "I have 1,000 releases coming never seen before," Nam3L3ss is claimed to have told Hudson Rock.

In communication with the security company, Nam3L3ss professed not to be a hacker. This may be because the MOVEit vulnerability was identified as originally exploited by the Cl0p ransomware group, even though the data now being offered on BreachForums by Nam3L3ss was not involved in a previous leak.
Daily Brief Summary
Over 5 million records from 25 organizations, including Amazon, were exposed on a cybercrime forum due to a vulnerability in MOVEit file transfer software.
The vulnerability, CVE-2023-34362, is rated critical and allowed attackers to bypass authentication and access data.
Amazon clarified that their systems and AWS remain secure; the exposure involved only employee work contact information such as email addresses and phone numbers.
The exposed data includes comprehensive employee details like names, organizational roles, and cost center codes, raising concerns about potential social engineering attacks.
Notably, Amazon had the highest number of records exposed, totaling over 2.86 million.
The data breach was discovered by cybercrime intelligence firm Hudson Rock, highlighting the broad implications for corporate security.
An individual known as Nam3L3ss is reportedly auctioning and distributing the stolen data on BreachForums, though they do not claim to be the original hacker.