Amazon(US:AMZN) TechCrunch·2024-11-11 18:30Core Points - Amazon confirmed that employee data was compromised due to a security event at a third-party vendor [1][2] - The breach involved employee work contact information, such as work email addresses and desk phone numbers, but did not include sensitive data like Social Security numbers or financial information [2][3] - The third-party vendor has addressed the security vulnerability that led to the breach [3] Incident Details - A threat actor claimed to have published data stolen from Amazon on a hacking site, asserting possession of over 2.8 million lines of data from 25 major organizations [4] - The threat actor, known as "Nam3L3ss," indicated that the data released so far represents less than 0.001% of the total data they possess [5] - The MOVEit Transfer breach, which exploited a zero-day vulnerability, was noted as the largest hack of 2023, affecting over 1,000 organizations [5][6] Impact on Organizations - The MOVEit breach resulted in significant data theft from various organizations, including 3.5 million records from the Oregon Department of Transportation, 4 million from the Colorado Department of Health Care Policy and Financing, and 11 million from Maximus [6]