Cybernews
  • News
  • Editorial
  • Security
  • Privacy
    • What is a VPN?
    • What is malware?
    • How safe are password managers?
    • Are VPNs legal?
    • More resources
    • Strong password generator
    • Personal data leak checker
    • Antivirus software
    • Best VPN services
    • Password managers
    • Secure email providers
    • Best website builders
  • Follow
    • Twitter
    • Facebook
    • YouTube
    • Linkedin
    • Flipboard
    • Newsletter

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

Home » Security » 14 million alleged Amazon and eBay account details sold online

14 million alleged Amazon and eBay account details sold online

by Bernard Meyer
17 February 2021
in Security
12
14 million Amazon and eBay accounts sold online in new leak
507
SHARES

An unknown user was offering the data of 14 million Amazon and eBay customers’ accounts for sale on a popular hacking forum. The data appears to come from users who had Amazon or eBay accounts from 2014-2021 in 18 different countries. 

The database was being sold for $800 and the accounts are divided into their respective countries. The leaked data includes the customer’s full name, postal code, delivery address, and shop name, as well 1.6 million phone records.

The post author has now closed the sale, after two copies were reportedly sold.

Use our personal data leak checker now to see if your email address has been exposed in previous leaks. 

The post author provided five database entries as a sample of the leak:

At the moment, it is unclear how the post author acquired the data. CyberNews has not been able to independently verify nor confirm that the data definitely are from Amazon or eBay for the time period listed, 2014-2021. 

An Amazon representative informed CyberNews that they investigated the claims and that there was no evidence of any data breaches.

This appears to be the most likely case, that neither Amazon nor eBay suffered any breaches on their end. Instead, the threat actor probably used a popular method of password spraying to acquire these credentials. Essentially, password spraying is a type of bruteforce attack by which an attacker tries to get into a large number of accounts by using a small number of commonly used passwords.

Should you be concerned?

Fortunately, the database does not seem to include very sensitive data, such as payment details, national ID numbers, or even email addresses.

However, the data currently put up for sale is still potentially sensitive, and it can be used for various purposes, such as doxxing users by revealing private information (such as sensitive products they don’t want anyone to know about) on a public form. Cybercriminals can also use the data for spam-list building or business intelligence purposes.

Whenever this happens – and leaked data occurs far more often than we’d like – it’s important for anyone who may be affected by this leak to:

  1. Check if their data has been leaked by using a service like CyberNews’ personal data leak checker, which currently has more than 15 billion records
  2. Change your passwords immediately. You should be using a unique password for each account you create. To help you with, use a trusted password manager that can create really strong passwords you don’t need to remember
  3. Watch out for suspicious emails, as they may be phishing attempts. Avoid clicking on links from suspicious emails
Share503TweetShareShare
Next Post
110,000+ user records from car-sharing service CityBee leaked and sold on hacker forum

110,000+ user records from car-sharing service CityBee leaked and sold on hacker forum

Comments 12
  1. moser says:
    1 week ago

    Nice

    Reply
  2. S. Black says:
    1 week ago

    Called amazon yesterday about odd notation next to my name and list of purchase line.
    Notations disappeared later in day. Person I spoke to at Amazon responded as is she was unaware of cause of notation but that my account was “ok”. Took a photo of the notations .
    Any idea what was going on ? Your site is only one could find mentions this type of activity.

    Reply
  3. Jimmy Sto says:
    1 week ago

    I was scammed by individuals claiming to represent eBay. They claimed my account was hacked by individuals in Mexico. They threatened and lied about the seriousness of the hacks which scared me. I lost $4000!.

    Reply
    • David Bryer says:
      7 days ago

      Dumbass! You should have called ebay tocheck your account!

      Reply
  4. Martin Nicholson says:
    1 week ago

    I wounder my personal information

    Reply
  5. Steve says:
    1 week ago

    This really makes me want to send EBay my SS # that they now DEMAND if I want to continue being a SELLER since they are doing away with PayPal . NOT HAPPY !!! Thanks a lot FEEBay …

    Reply
    • P Rick says:
      7 days ago

      Did you read the article or comprehend it? Do you understand how the data was retrieved? Because it was not an eBay breach…

      Reply
      • Laurie A Mitlacher says:
        6 days ago

        So says eBay and Amazon

        Reply
  6. Seller says:
    1 week ago

    My eBay account was suspended indefinitely out of the blue, contacted ebay they said they couldn’t tell me why and that there is nothing I can do,we need a better ebay like platform,that’s more secure and transparent,you can’t even talk to a customer service rep on the phone everything is all email and chat,shame on ebay I had 100% percent review and they gave no to chance to rectify what ever the problem was

    Reply
  7. Joh says:
    7 days ago

    I was hit, they got more than I thought they would. Probably going to take me a long time to recover. My passwords were very strong and changed frequently. Don’t let them victim blame you, they leaked your info by improperly securing it on their end most likely.

    Reply
  8. Rhonda Gilliam says:
    7 days ago

    This really upsets me and this explains why money has been missing from my account . I’m also tied of my calls being answered by third world countries where it’s hard for me to understand them and when you ask to speak to someone in the USA they have a nerve to hangup on you I spend to much money with amazon and I’m going to cancel my member ship and shop somewhere else. And I don’t know why now customer service only offer 5dollars I’m tied of being offered pennies for my troubles.I’m so done with amazon.

    Reply
  9. Wallace Whatever says:
    7 days ago

    These are fake companies run by our police state government. What do you expect? Just the Solarwinds attack alone — they compromised nearly every single cloud providers infrastructure — ALL of it! Guess who uses all of these platforms — pretty much every sector of our economy as well as about every non-profit organization. You don’t what you don’t own. And you can not secure what you don’t own either. Boycott these crappy companies. They are mining data on you even if someone else doesn’t steal it, they are directly.

    Reply
Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's choice

COMb data leak - Mother of all breaches
News

COMB: largest breach of all time leaked online with 3.2 billion records

by Bernard Meyer
12 February 2021
37

It's being called the biggest breach of all time and the mother of all breaches: COMB, or the Compilation of...

Read more
14 million Amazon and eBay accounts sold online in new leak

14 million alleged Amazon and eBay account details sold online

17 February 2021
The hype around quantum computing: it’s not too early to get in

The hype around quantum computing: it’s not too early to get in

15 February 2021
Facebook phishing campaign that tricked nearly 450,000 users in Germany is now spreading in the UK

Facebook phishing campaign that tricked nearly 450,000 users in Germany is now spreading in the UK

15 February 2021
Cyberpunk 2077 maker CD Projekt Red has GWENT source code leaked after ransomware attack

Cyberpunk 2077 maker CD Projekt Red has GWENT source code leaked after ransomware attack

10 February 2021
  • Categories
    • News
    • Editorial
    • Security
    • Privacy
  • Reviews
    • Antivirus Software
    • Password Managers
    • Best VPN Services
    • Secure Email Providers
    • Website Builders
  • Tools
    • Password generator
    • Personal data leak checker
  • Engage
    • About Us
    • Send Us a Tip
    • Careers
  • Twitter
  • Facebook
  • YouTube
  • Linkedin
  • Flipboard
  • Newsletter
  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!