E-mails from Amazon regarding user's e-mails being disclosed

Winston 2018-11-21 13:35:56 UTC #33

I also received the same message at 3:22 am. Thank you mikla for confirming the email is in fact from Amazon. Will watch the forum for any more updates.

samantha.grayson 2018-11-21 13:37:59 UTC #34

just got mine this morning, like Rushdie said, just change your password to be safe

so weird because I recently received an email in reference to my personal Amazon buyer account (this one I’m on is for work) and they gave me a ton of info telling me that one of their employees was in cahoots with a seller and selling them information and my personal account information was leaked to the seller in question by the employee in question

and then they said that the seller had been banned from selling and that they were going to prosecute the employee or something of that nature (craaaazy stuff)

think we’ll be fine though! hope that doesn’t change in the near future…

BOOK_FRIEND 2018-11-21 13:39:51 UTC #35

I got it too. 4:05 AM EST.

Rushdie 2018-11-21 13:40:06 UTC #36

The email is coming from Customer Service, not the Seller side, so the message is being sent to Customers, not sellers.

My best guess is the names and email addresses, were (and may still be) sitting in AWS, in plain text, rather than being encrypted.

Passwords are normally encrypted, but I do not trust any breach, whether it be Amazon are the local corner grocery store.

Just_an_old-Fart 2018-11-21 13:40:11 UTC #37

X-Originating-IP: [54.240.13.33]

Received-SPF: pass (domain ofbounces.amazon.com designates 54.240.13.33 as permitted sender)

Just_an_old-Fart 2018-11-21 13:43:52 UTC #38

garyoverton 2018-11-21 13:46:17 UTC #39

I got one also. Not really concerned. My e-mail is all over the internet and I use my real name as my seller name. Now on Facebook I use a fake name. Not because of security. I just found a name I loved and it fit me perfectly

stampsgalor 2018-11-21 13:47:43 UTC #40

I got it for both my buyer and seller account but it says password wasn’t affected and no need to change

mikla 2018-11-21 13:47:55 UTC #41

OK… so Amazon is unwilling at this time to provide more information and I am waiting for another call from further escalation. Meanwhile I have forwarded this email to Jeff asking for more information and a professional response.

They did confirm that it was from Customer Service, so, as mentioned be others, it is likely sent out to Customers vs Sellers. But, I did not receive it on my other buying accounts.

The_Movie_and_TV_Sto 2018-11-21 13:48:20 UTC #42

I presumed it was a spoof and forwarded it to spoof @

If it’s real it’s incredibly unprofessional, it it’s a mistake, ditto.

despo 2018-11-21 13:51:58 UTC #43

yes I got one… I knew it was fake from the capital “A” in “Account” after reading the email and thinking it was odd.

KCG 2018-11-21 13:53:00 UTC #44

I received the same email. I can verify by the headers and other sleuthing it is legit from Amazon.

mikla 2018-11-21 13:58:20 UTC #45

Just a FYI… i have forwarded the email to Jeff and copied our attorney asking for more information, with a list of questions. We will see what happens.

Meanwhile, not much else we can do. If concerned, change your password.

Back to regular scheduled programming…

stampsgalor 2018-11-21 13:59:16 UTC #46

My opinion is amazon shares our information anyhow. i got suspended a few months ago and shortly after i was reinstated i started getting fake emails(wanting me to login and confirm my bank account #) about my suspension, it was roughly a month later but my question is how did they know and have details regarding my suspension to email, so they had my email, the fact i was suspended and details that my suspension was still being looked over while i was allowed to sell.

I feel amazon customer service or someone, maybe outsourced CS is grabbing our details and passing it along

Rushdie 2018-11-21 14:00:28 UTC #47

It is NOT a fake email. Several of us have already confirmed the fact it is real, with Amazon directly.

Rushdie 2018-11-21 14:03:22 UTC #48

As I stated above, this was a breach of the AWS servers, which is clearly visible ht tp://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/ AWSAbuse

it_s_my_store 2018-11-21 14:20:09 UTC #49

Yep, we got the same notice. I would really like to know HOW they disclosed this, and to whom it was disclosed.

despo 2018-11-21 14:29:37 UTC #50

I was saying an Amazon employee didn’t send it.

Whether it came from an Amazon server… the IP address in the header didn’t match anything from amazon as is normally the case.

despo 2018-11-21 14:31:12 UTC #51

I will go there and take a look.

Thanks.

hqcart 2018-11-21 14:37:25 UTC #52

there is no need to panic or change the password.

the email, although looks scammy, but it was sent from Amazon.

somehow your name and email was leaked.

so at worse, you will get some spammy emails, and that’s it.