Describe the magazine in a detailed report wired Shocking data leak in customer data field at online mail order company Amazon. According to the report, employees have used a flawed system in recent years, among other things, to view celebrity purchases.
So the data was so easy to access that even employees without proper rights were able to spy on commands. According to Wired, the entire purchase history was available to Amazon’s global customer service team. A former Amazon employee, who wished to remain anonymous, told the magazine he had seen his colleagues watch the shopping history of stars like Kanye West or actors from the Avengers movies.
Other Amazon employees reported that several of their colleagues searched for order history for their ex-partners or people from their immediate surroundings. Everyone really did, everyone did it,” said a former customer service manager. The detailed report is based on various interviews with former employees and on memos and internal documents from the years 2015 to 2018. The investigations provide an in-depth look into the online giant’s garbage structure, which has led to completely unauthorized access to sensitive data. Customer data.
The former Amazon Vice President for Information Security also spoke to Wired. When he started working at the company, the security systems were in a “horrible” state. The whole thing was “tied up with duct tape and gum,” said Gary Gagnon, who took the position in 2017.
According to Wired, in some cases, more than 3,300 small Amazon teams are working with sensitive customer data around the world. In 2018, the company’s data risk roots were analyzed internally. As stated in a security note, teams tend to capture the data they need, copy it and save it elsewhere. Result: “Mostly undocumented distribution of copies of the data sets”.
This rapid and frantic spread made it nearly impossible for the information security department to control Amazon data. The memo says, “The growing number of records copies combined with Amazon’s decentralized accountability and ownership model,” burdened the security department with an absurd task. In fact, the security team tried to map all of the Amazon data back in 2016 – and couldn’t do it.
“Over the years we’ve invested billions of dollars in building systems and processes to protect data and are constantly looking for ways to improve it,” Amazon spokeswoman Jane Bemisderfer told Wired. The fact that Amazon’s privacy and security issues were completely. Documented and comprehensively reviewed by management confirms our commitment to these issues and demonstrates the vigilance with which we identify, escalate and respond to potential risks.”