Amazon exposed some customers’ names and emails due to a “technical error,” according to emails the company sent to affected customers. Several people shared screenshots of the emails online Wednesday morning. BetaNews first reported the incident.
In a statement, Amazon said, “We have fixed the issue and informed customers who may have been impacted.”
Amazon's legit been sending out notices saying sorry we exposed your email address. Seems likely related to this https://t.co/21cRB2dHTk… Besides the brevity, what's giving people pause is they sign the email https://t.co/KDiteRFaeR Why cap the "a" and why no https://? Strange pic.twitter.com/mwty3GmCN1
— briankrebs (@briankrebs) November 21, 2018
Despite the exposure, Amazon told the affected customers they did not need to change their passwords. But even with just their names and emails exposed, people could attempt to reset their accounts or target their emails for phishing attacks.
In a customer forum, people who received the cryptic message from Amazon were surprised that the company did not recommend they reset their passwords and that the link to Amazon’s website in the email signature did not contain a secure link, which would contain “https” rather than “http.”