Amazon Force-Resets Some Account Passwords, Citing Password Leak
This article, Amazon force-resets some account passwords, citing password leak, originally appeared on ZDNet.com.
Amazon has force-reset an unknown number of accounts, after passwords may have been compromised.
A number of readers told ZDNet they received an email from Amazon saying the company has reset their account password. The message was also sent to their account message center on Amazon.com, and Amazon.co.uk, confirming the message is genuine.
More security news
Security experts: ISIS’ favorite messaging app is no match for feds
Windows 10 Edge: How Microsoft is clamping down on browser ad injectors
In the email, Amazon said it “recently discovered that your [Amazon] password may have been improperly stored on your device or transmitted to Amazon in a way that could potentially expose it to a third party.”
It adds: “We have corrected the issue to prevent this exposure.”
The email said it has “no reason” to believe passwords were improperly disclosed to a third party but issued a temporary password out of an “abundance of caution.”
It’s not new for companies to force-reset account passwords if they have suffered a data breach, for example.
Last week, the retail giant enabled two-factor authentication for all Amazon.com customers. However, two-factor authentication has not been enabled for UK customers yet.
It’s not the first time these kinds of force-reset password emails have been sent out. In similar cases where passwords may have been compromised – some dating back to 2010, the company has sent out notices of warning.
A spokesperson for Amazon did not immediately return a call or email for comment. If that changes, we will update the piece.
Developing… more soon.
READ MORE
Why the CIA wanting encryption backdoors is a failure of leadership, not intelligence
NSA is so overwhelmed with data, it’s no longer effective, says whistleblower
As the Snowden leaks began, there was “fear and panic” in Congress
How Microsoft’s data case could unravel the US tech industry
If you have ‘nothing to hide’, here’s where to send your passwords
Meet the shadowy tech brokers that deliver your data to the NSA