Cybersecurity researchers at Hudson Rock have uncovered a significant data breach involving over 2.8 million confidential records from Amazon and other major corporations. The sensitive information was exposed on the Breached hacking forum by an actor using the pseudonym Nam3L3ss, marking one of the most substantial corporate data exposures of recent times.
Breach Confirmation and Impact Assessment
Amazon has officially acknowledged the data breach, clarifying that the incident occurred through a third-party property management service provider. The company has confirmed that core Amazon and AWS systems remained secure and unaffected. The compromised data primarily consists of employee contact information, including corporate email addresses, phone numbers, and office location details.
Technical Analysis of the Security Incident
The breach exploited a vulnerability in MOVEit Transfer, a secure file transfer solution developed by Progress Software. This enterprise-grade system, widely utilized for business-to-business file exchanges via SFTP, SCP, and HTTP protocols, became the attack vector. Security experts have linked this incident to the broader Clop ransomware group campaign that targeted MOVEit Transfer vulnerabilities in spring 2023.
Enterprise Sector Impact and Scope
The breach extends far beyond Amazon, affecting numerous Fortune 500 companies including Lenovo, HP, TIAA, Schwab, HSBC, Delta, McDonald’s, and Metlife. The threat actor claims possession of over 250 TB of archived data, collected through both the MOVEit Transfer vulnerability and exposed cloud storage repositories on AWS and Azure platforms.
Historical Context and Vulnerability Timeline
The exploited vulnerability (CVE-2023-34362) in MOVEit Transfer has been at the center of multiple attacks throughout 2023, impacting approximately 85 million individuals globally. Notable victims include industry leaders such as Sony, IBM, Siemens Energy, and British Airways, highlighting the widespread impact of this security flaw.
This incident serves as a critical reminder of the importance of comprehensive third-party security assessments and robust data protection strategies. Organizations must implement enhanced access controls, regular security audits, and multi-layered defense mechanisms to protect sensitive information. The breach emphasizes the need for continuous monitoring of third-party software solutions and the implementation of proactive security measures to prevent similar incidents in the future. Security teams should prioritize patch management and conduct regular vulnerability assessments to maintain a strong security posture against emerging threats.
