Countless Amazon customers woke up this morning to an email from Amazon telling them that “our website inadvertently disclosed your name and email address due to a technical error.” And, in fact, that’s just about all the email said, other than “the issue has been fixed” and that there is no need for the customer to take any action.
First, we have verified that, yes, this email really did come from Amazon. Even though the complete lack of any real details, the perfunctory brevity of the email, makes it seem more like an email scam.
Here is the entire email:
We’re contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.
Image of Actual “We disclosed your name and email address” Email from Amazon
No information about what actually happened, how the information was disclosed, to whom the information was disclosed, or what steps Amazon has taken to fix whatever it was that actually happened.
In a day and age when data breaches are front and center in the crosshairs of legislation, lawsuits, and consumer outrage, to send so little information – especially coming from a multi-billion dollar company for whom, let’s be real, their customers are the reason for those multi-billions of dollars – is outrageous, and unacceptable.
To put this in perspective, take a look at Equifax’s data breach disclosure statement when they had their data breach last year.
Moreover, requesting more information from Amazon yields exactly no additional information – here is the reply from Amazon in response to a request for additional information about this data exposure:
Thank you for sharing your concern. Our website inadvertently disclosed your email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action. The impacted customers have been contacted.
We hope to see you again soon.
We’d appreciate your feedback. Please use the buttons below to vote about your experience today.
Then, at the bottom of the response, they ask us to rate the experience!
Generally speaking, when something like this happens, the company is (or at least should be) required to disclose a bit more information than just “Oopsie, we boobooed, nothing to see here now, move along.”
We predict interest in this from one or more Attorneys General in 3.. 2.. 1..
|Get notified of new Internet Patrol articles!
You might also like some of our other articles: