Did Amazon have a security breach? Probably not
We've grown accustomed to security breaches, from Target to Home Depot and pretty much everywhere in between. It seems like daily news lately, but sometimes it seems companies are so hush-mouth that we just don't know. It's obviously in their best interest to not let word get out – bad for business, and all.
Today a story surfaced about Amazon sending some customers emails requesting that they reset their passwords. The message itself is a bit cryptic, so it's hard to say what really happened. There is also the (slim) possibility it was a scam. We say slim because there are no links to click on, the message seems legit and a carbon copy of one sent by the company before.
Given the content, it seems nothing is amiss with the retail giant. The email simply explains that "As part of our routine monitoring, we discovered a list of email address and password sets posted online". Yes, that's bad enough, but given the propensity for customers to use the same password on multiple services, it becomes much worse.
The Digital Reader points out that "It's not clear whether Amazon found another security issue, the same one cropped up again, if Amazon is simply recycling the email text whenever they want you to reset your password, or if some scammer copied that earlier email for a new phishing attempt".
There are some obvious things here – don't respond to the email, visit Amazon online by entering the URL and proceeding from there, if you have concerns.
BetaNews has contacted Amazon, but so far have not received any statement. For the moment we'll consider what was said in the message and say that changing the password can't hurt, providing you do so through the actual site. If anything changes then we'll let you know.