14 million alleged Amazon and eBay account details sold online
An unknown user was offering the data of 14 million Amazon and eBay customers’ accounts for sale on a popular hacking forum. The data appears to come from users who had Amazon or eBay accounts from 2014-2021 in 18 different countries.
The database was being sold for $800 and the accounts are divided into their respective countries. The leaked data includes the customer’s full name, postal code, delivery address, and shop name, as well 1.6 million phone records.
The post author has now closed the sale, after two copies were reportedly sold.
Use our personal data leak checker now to see if your email address has been exposed in previous leaks.
The post author provided five database entries as a sample of the leak:
At the moment, it is unclear how the post author acquired the data. CyberNews has not been able to independently verify nor confirm that the data definitely are from Amazon or eBay for the time period listed, 2014-2021.
An Amazon representative informed CyberNews that they investigated the claims and that there was no evidence of any data breaches.
This appears to be the most likely case, that neither Amazon nor eBay suffered any breaches on their end. Instead, the threat actor probably used a popular method of password spraying to acquire these credentials. Essentially, password spraying is a type of bruteforce attack by which an attacker tries to get into a large number of accounts by using a small number of commonly used passwords.
Should you be concerned?
Fortunately, the database does not seem to include very sensitive data, such as payment details, national ID numbers, or even email addresses.
However, the data currently put up for sale is still potentially sensitive, and it can be used for various purposes, such as doxxing users by revealing private information (such as sensitive products they don’t want anyone to know about) on a public form. Cybercriminals can also use the data for spam-list building or business intelligence purposes.
Whenever this happens – and leaked data occurs far more often than we’d like – it’s important for anyone who may be affected by this leak to:
- Check if their data has been leaked by using a service like CyberNews’ personal data leak checker, which currently has more than 15 billion records
- Change your passwords immediately. You should be using a unique password for each account you create. To help you with, use a trusted password manager that can create really strong passwords you don’t need to remember
- Watch out for suspicious emails, as they may be phishing attempts. Avoid clicking on links from suspicious emails
More from CyberNews:
Minimize your online risks - choose the best VPN service
Watch F1 live stream in 2021 from anywhere in the world
Facebook data leak – 533M Facebook users’ personal data leaked online
Want more privacy? Try out secure emails - and send sensitive information safely
Comments
This was late November 2021. Has to be an Amazon breach.
If Amazon wants a little war, they’ve found the right guy.
Not Happy…
The best part is, the person who accessed my account called me on my new cell phone number to tell me she was trying to order something and all of my information (credit card, address, phone number) came up and she did not understand why. She has full range of my account and Amazon has done nothing to help me. My tv has Firestick, but now I have to replace them with Roku, since I cannot access my Amazon account.
Amazon has gotten bad lately about items not arriving on time with prime! In last not even month I’ve had I bet 10 items not arrive on time. Their site will show they still have the order at 1 of their hub warehouse yet they want to call usps to ask where and when the item will arrive! Then they want you to wait another 2-3 days for a prime order to arrive past the set delivery date promised when order was made! As buyers we need to get together and make these companies realize we are not happy with the service we are getting and want it fixed! We are who makes their pay checks possible with buying from them yet we get shit on! A class action lawsuit might just do the trick for both! Put a dent in their bottom line / pockets and maybe then they will realize how easy they can go under!
Notations disappeared later in day. Person I spoke to at Amazon responded as is she was unaware of cause of notation but that my account was “ok”. Took a photo of the notations .
Any idea what was going on ? Your site is only one could find mentions this type of activity.
Your email address will not be published. Required fields are markedmarked