Amazon Employee Data Exposed in Third-Party Vendor Security Breach Linked to MOVEit Hack

Amazon has confirmed that some of its employee data was compromised due to a security breach at a third-party vendor. The breach involved Amazon’s property management vendor, which suffered a “security event” impacting several of its clients, including Amazon.

According to Amazon spokesperson Adam Montgomery, the company’s systems, including Amazon and AWS, remain secure. The breach did not affect Amazon directly; instead, it involved the vendor’s system, which exposed Amazon employee contact information. This included work email addresses, desk phone numbers, and building locations. Importantly, sensitive details like Social Security numbers and financial information were not accessed, as this vendor lacks access to that type of data.

The breach came to light after a hacker, using the alias “Nam3L3ss,” claimed on the hacker forum BreachForums that they had stolen data from 25 large organizations, including Amazon. This hacker alleges to possess over 2.8 million lines of stolen data, most likely from last year’s MOVEit breach—a major hack of 2023, targeting a vulnerability in Progress Software’s MOVEit Transfer tool.

The MOVEit breach, exploited by the notorious Clop ransomware gang, has had massive repercussions, affecting over 1,000 organizations globally. High-profile victims include U.S. government contractor Maximus, with 11 million records affected, the Oregon Department of Transportation (3.5 million records), and the Colorado Department of Health Care Policy and Financing (four million records).

The third-party vendor in Amazon’s case has since fixed the vulnerability, but the total number of affected Amazon employees remains unclear. Amazon has not shared specifics on the impact, emphasizing that their main systems were not involved in the breach.

This incident highlights the ongoing risks companies face with third-party vendors, as cybercriminals continue to exploit security weaknesses across supply chains.