Amazon Denies Server Hack As Kindle User Data Goes Up For Sale

E-commerce giant Amazon said a trove of user data recently published online did not come from its servers, while a computer security analyst said the data appeared to have been automatically generated.

The incident follows a number of large data leaks that have affected millions of users of major online services, such as LinkedIn, in recent months.

IBM

False alarm

The data, supposedly concerning more than 80,000 users of Amazon’s Kindle reading device, was published on Friday by a hacker who claimed to have asked for $700 (£543) from Amazon in order to withhold the leak, but who said Amazon had refused to pay.

“I am Amazon, I fail at securing data for 80K users. I ignore warnings. Be like me today,” the hacker, using the handle 0x2Taylor, wrote in a Twitter post before publishing a 597.4 MB file containing the data.

The data appears to contains email, password, street address, city, state, telephone number and other data on Kindle users, according to experts who viewed the file.

Amazon, however, said the data was not legitimate.

“We have confirmed that this information did not come from Amazon’s servers, and that the accounts in question are not legitimate Amazon customer accounts,” the company stated.

Brian Wallace, a security researcher with Cylance, said all or most of the data appeared to have been automatically generated, and could have been either false data or accounts set up by Internet bots.

The email addresses were found solely on Gmail, Yahoo or Hotmail services and all followed the same format, while the passwords all consisted of random upper-case letters and numbers, with no words or occurrences of popular passwords, he said.

The physical addresses also appeared to be locations chosen at random, he said.

He said the data could have been generated either by the hacker who released it or by a third party.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Pentagon Confirms Investigation Of Signal Use By Pete Hegseth

Inspector General at the Pentagon confirms investigation into the use of Signal app by US…

25 mins ago

Amazon Resumes Drone Deliveries In US

After a two month hiatus following crashes of a new drone model, Amazon has resumed…

3 hours ago

Amazon Joins Bidders To Acquire TikTok In US

But will Beijing or ByteDance allow sale? Amazon joins potential bidders for TikTok in US,…

21 hours ago

Elon Musk Dismisses Reports Of Imminent Departure From DOGE

Elon Musk dismisses report that Trump told cabinet that he expects Musk to leave his…

22 hours ago

Mark Zuckerberg Lobbies Trump To Avoid Antitrust Trial – Report

Mark Zuckerberg is reportedly lobbying President Donald Trump for a settlement to avoid antitrust trial…

24 hours ago