Amazon Denies Server Hack As Kindle User Data Goes Up For Sale

E-commerce giant Amazon said a trove of user data recently published online did not come from its servers, while a computer security analyst said the data appeared to have been automatically generated.

The incident follows a number of large data leaks that have affected millions of users of major online services, such as LinkedIn, in recent months.

False alarm

The data, supposedly concerning more than 80,000 users of Amazon’s Kindle reading device, was published on Friday by a hacker who claimed to have asked for $700 (£543) from Amazon in order to withhold the leak, but who said Amazon had refused to pay.

“I am Amazon, I fail at securing data for 80K users. I ignore warnings. Be like me today,” the hacker, using the handle 0x2Taylor, wrote in a Twitter post before publishing a 597.4 MB file containing the data.

The data appears to contains email, password, street address, city, state, telephone number and other data on Kindle users, according to experts who viewed the file.

Amazon, however, said the data was not legitimate.

“We have confirmed that this information did not come from Amazon’s servers, and that the accounts in question are not legitimate Amazon customer accounts,” the company stated.

Brian Wallace, a security researcher with Cylance, said all or most of the data appeared to have been automatically generated, and could have been either false data or accounts set up by Internet bots.

The email addresses were found solely on Gmail, Yahoo or Hotmail services and all followed the same format, while the passwords all consisted of random upper-case letters and numbers, with no words or occurrences of popular passwords, he said.

The physical addresses also appeared to be locations chosen at random, he said.

He said the data could have been generated either by the hacker who released it or by a third party.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Microsoft Blames 2009 EU Agreement For World’s Biggest IT Outage

Redmond says EU deal gave CrowdStrike the keys to the Windows kernel, allowing last week's…

1 hour ago

Wisk Plans Autonomous Air Taxi Flights By Decade’s End

Boeing-owned start-up Wisk plans autonomous eVTOL flights by end of decade as companies crowd into…

1 day ago

US Cracks Down On Tech Shipments To Russia

Shipments of high-end chips and other electronics to Russia via China and Hong Kong said…

1 day ago

Double-Digit Growth For Google Expected Amidst AI Push

Google expected to see double-digit revenue and profit growth for second quarter amidst AI cloud…

1 day ago