[BreachExchange] Data of 14 Million Amazon and eBay Accounts Leaked on Hacking Websites

Destry Winant destry at riskbasedsecurity.com
Mon Feb 22 10:38:02 EST 2021


https://www.ehackingnews.com/2021/02/data-of-14-million-amazon-and-ebay.html

An anonymous user offered 14 million data from Amazon and eBay
accounts on a prominent hacking website for dissemination. The details
seem to have been obtained from customers of Amazon or eBay having
accounts from 18 countries between 2014-2021.

In Seattle, USA- focused on e-commerce, cloud computing, internet
streaming, and artificial intelligence, Amazon.com Inc. is an
international corporation based in Washington. Founded in 1994, the
business was named "one of the most influential economic and cultural
forces in the world" as well as the most valuable brand in the world.
Whereas eBay Inc. is also a U.S. international e-commerce company
headquartered in San Jose, California that allows transactions and
sales to customers and companies through its website. eBay was founded
in 1995 by Pierre Omidyar and became a remarkable success story for
the dot-com bubble.

The database acquired by the hacker was sold for 800 dollars where the
accounts were divided through each country. The details leaked contain
the entire customer name, mailing code, shipping address and store
name, and a telephone number list of 1.6 million users. Although two
copies had already been sold, the blog publisher has now closed the
deal.

The way the blog-publisher has acquired data is at present- unclear.
Though the firm researching this incidence did not independently check
or validate that Amazon or eBay data were certainly from the 2014-2021
period. A representative of Amazon said that the allegations had been
reviewed with no evidence of any data violation.

Also, it is more probable that Amazon or eBay have not experienced any
infringements. Instead, a common form of password spraying was
presumably used by the threat actor to get the passwords. Spraying
passwords is an attack attempting to enter a wide number of accounts
with a few popular passwords (usernames). Standard attacks by brute
forces seek to enter a single account by guessing the password.

Fortunately, highly confidential material, including billing records,
national ID numbers, or even e-mail addresses, does not exist on the
server. However, the data being sold at this time is also potentially
vulnerable and can be used for a range of reasons, such as doxing
users by public dissemination of private data (e.g. sensitive things
that nobody needs to hear about). The data may also be exploited by
cybercriminals for purposes of creating a spam list or business
intelligence.


More information about the BreachExchange mailing list