Amazon has sent emails to users warning of a rogue insider who has been fired after disclosing customer details to a third party.
As detailed in a tweet posted by user Zain Jaffer, the email read: “We are writing to let you know your email address was disclosed by an Amazon employee to a third party in violation of our policies.” The email goes on to claim the employee has been fired, referred to law enforcement and stated that no other information related to the recipient’s account was shared.
“This is not a result of anything you have done and there is no need for you to take any action, we apologize for this incident,” it continued.
In a statement published by Vice Motherboard, an Amazon spokesperson said the company had fired multiple people. "The individuals responsible for this incident have been fired. We have referred the bad actors to law enforcement and are supporting their criminal prosecution,” the statement read.
Chad Anderson, senior security researcher at DomainTools, said: “Defenders worry most about insider threats because so many companies build this hard outer layer, but have complete trust for employees inside. They have access to all of the data, networks and information that attackers want to get a hold of.
“As we have seen with the recent foiled Tesla ransomware attempt, threat actors are now bribing with upwards of a million dollars to sway an employee. That is a hard threat to combat as you can do everything in your power to defend your network, but it just takes one employee to circumvent all of those defenses. Even with a zero-trust model insider threats remain the most dangerous ones for security teams.”
Joe Payne, president and CEO of Code42, predicted that we are going to see more and more of this type of activity, as employees are working outside of the office and organizations are relying on makeshift approaches, including company and employee-owned technology, to enable worker productivity.
“In fact, Code42’s own telemetry data shows that a typical employee causes 20 file exposure events per day,” he said. “Even for organizations that have safeguards and controls in place, employees will be tempted to leak sensitive information for their own gain, simply because they think they will get away with it. Organizations need visibility into risky data behavior in order to identify employees who may be a threat, before they become one.”