Amazon Exposed Customer Names and Emails in 'Technical Error' - NBC10 Boston

Amazon Exposed Customer Names and Emails in 'Technical Error'

Amazon's website and systems were not breached, an Amazon spokesperson told CNBC

Find NBC Boston in your area

Channel 10 on most providers

Channel 15, 60 and 8 Over the Air

    processing...

    NEWSLETTERS

    Amazon Exposed Customer Names and Emails in 'Technical Error'
    Cliff Owen/AP, File
    In this Sept. 13, 2018, file photo, Jeff Bezos, Amazon founder and CEO, speaks at the Economic Club of Washington's Milestone Celebration in Washington.

    What to Know

    • Several customers shared emails from Amazon on social media Wednesday

    • Amazon said the problem was resolved, but did not provide clarity on how many users were affected nor for how long

    • In the email to affected customers, Amazon said it was unnecessary to reset passwords since it was "not a result of anything you have done"

    Amazon exposed some customers' names and emails due to a "technical error," according to emails the company sent to affected customers. Several people shared screenshots of the emails online Wednesday morning. BetaNews first reported the incident.

    In a statement, Amazon said, "We have fixed the issue and informed customers who may have been impacted."

    Despite the exposure, Amazon told the affected customers they did not need to change their passwords. But even with just their names and emails exposed, people could attempt to reset their accounts or target their emails for phishing attacks.

    Amazon did not answer questions about how many customers were affected by the error nor about how long information was exposed. Amazon's website and systems were not breached, an Amazon spokesperson told CNBC. The company did not say where the customer information was visible.

    In a customer forum, people who received the cryptic message from Amazon were surprised that the company did not recommend they reset their passwords and that the link to Amazon's website in the email signature did not contain a secure link, which would contain "https" rather than "http."

    This story first appeared on CNBC.com. More from CNBC: