Amazon reported a customer data leak on Wednesday, just days before Black Friday and the beginning of the holiday shopping season.
Amazon began by e-mailing customers who had been effected by data breach directly on Wednesday. However, many of those customers, which are spread throughout the United States and the United Kingdom, posted about the issue on social media. They were angry about the lack of detail in the e-mails, which did not explain how the data leak happened or how their info might have appeared to scammers.
"We're contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error," read one e-mail to a customer. "The issue has been fixed. This is not a result of anything you have done, and there is no need to change your password or take any other action."
@amazon email lacks details of #databreach. "We’re contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error. The issue has been fixed. [...]" pic.twitter.com/Z5QKnLDPdw— Michael Ginsberg (@michaelginsberg) November 21, 2018
That customer complained about the lack of detail in the correspondence, as did many others. Before long, Amazon issued a second statement, published by Variety.
“We have fixed the issue and informed customers who may have been impacted," it said simply.
The company claimed that its website and back-end system had not been compromised by the error. Still, many were perturbed by the ambiguous nature of the warning.
Debate raged online about the breach. Some argued that Amazon could not have publicized the details of the error too publicly or else it would happen again. At the same time, others were put off by the lack of transparency from tech giants like Amazon, which have become a ubiquitous part of life yet are not beholden to their users in the way that public utilities often are.
"Silicon Valley continues to be thoughtless about issues of ethics & morality," wrote Kumail Nanjiani, who plays a tech executive on HBO's Silicon Valley. "So many tech companies hold that tech itself is amoral; what people do with the tech they make is not their responsibility. Just like gun manufacturers."
It’s not their responsibility. Is it the car company’s responsibility when someone drunk drives? Knife company’s responsibility when someone stabs? Come on dude...you’re just being silly now.— Yev Kassem (@ealdrid1) November 21, 2018
"It’s not their responsibility," countered a fan. "Is it the car company’s responsibility when someone drunk drives? Knife company’s responsibility when someone stabs? Come on dude... You’re just being silly now."
This is Amazon's second major data breach in two months. Back in October, the company fired an employee who had given customer e-mail addresses to a third-party vendor on the site. However, a report by the Wall Street Journal suggested that this practice might be common, especially in China.