Amazon data breach risk: Insiders raise alarm over ‘millions of people’s security’

Jeff Bezos wealth exceeds $171 billion during pandemic

When you subscribe we will use the information you provide to send you these newsletters.Sometimes they’ll include recommendations for other related newsletters or services we offer.Our Privacy Notice explains more about how we use your data, and your rights.You can unsubscribe at any time.

According to three former high-level employees, security is so inadequate Amazon isn’t aware if they are “protecting it correctly”. One former US-based employee of the firm claimed the quality of controls surrounding data are “appalling”. While no hack has yet been reported, the source claimed there was a risk of payment information being lost.

One of the former US employees told Politico: “Imagine if a company the size of Amazon had a breach?

“The issue is millions of people’s personal identifiable information is at risk.”

Although armed with such a vast amount of data, two former US employees claimed, despite efforts, Amazon has not done enough to correct its data protection.

Indeed, both reference reports from the company’s internal security analysis from 2016 to 2017.

In terms of correcting the vulnerabilities, the reports found only 55 to 70 percent of issues were corrected.

The first US employee added: “The quality of the controls that Amazon has in place is appalling.

“We found hundreds of thousands of accounts where the employee is no longer there but they still have system access.”

In one report, seen by one of the employees from June 2018, the risk of a potential data hack was deemed very high.

JUST IN: Brexit LIVE: Boris masterminds clever plan to swerve EU rules

Both also claimed the rapid turnover of the workforce and expansion of the company has allowed certain procedures to become lax.

The first US employee said: “Amazon’s information technology general controls, considering my experience and where I’ve been in the past, would not have passed muster with most auditors.

“They were just poorly managed.”

The second Us employee added Amazon does not have the appropriate systems in place to control access to its internal data stores.

Martin Lewis warns of ‘inertia dividend’ costing you hundreds [Advice]
Jeff Bezos becomes world’s richest person ahead of Tesla’s Elon Musk [Update]
Amazon staff set for less ‘intense’ workload as Bezos transitions out [Insight]

They said: “You’ve got tens of thousands of teams connecting to big data.

“You should have a way to follow all the different types of data.

“From a technology point of view, you need to know where the data is going and how it’s being protected. That does not exist.”

A spokesman for Amazon stated protecting consumer data remained a priority for the company and denied all claims from the former employees.

An Amazon spokesperson told “Politico’s story is patently wrong and based on false and misleading allegations.

“Maintaining the trust of our customers by protecting their privacy and ensuring the security of their data is a longstanding top priority for Amazon, and these inaccurate, unsubstantiated, and dated claims don’t reflect our commitment to keeping personal information safe.

“Amazon has comprehensive, long-established privacy and security policies, procedures, and technologies in place.

“We regularly audit our services to ensure compliance and have zero tolerance for employees at all levels who do not follow our policies.”

Despite the claims made against the company, all three pointed to problems with Amazon’s internal data system.

They claimed the Amazon Web Service system, which is used by some national governments, is incredibly secure.

The AWS system is a secured cloud data programme for companies to use for content and storage.

Source: Read Full Article