Monday, 11 July 2016

On 02:02 by admin   No comments
A hacker going by the online handle of 0x2Taylor has claimed to breach the servers of electronic commerce giant Amazon ending up leaking login credentials of 80,000 users.
The 597.4 MB leaked data includes usernames and encrypted passwords of Amazon Kindle users. The hacker states he targeted Amazon as the firm did not reply or pay any attention to his reports aiming at critical security flaws in their server. Earlier, 0x2Taylor also claimed responsibility for conducting a cyber attack on Baton Rouge police department when Alton Sterling was fatally shot by two of the city’s police officers.
I am amazon, i fail at securing data for 80K users. i ignore warnings. be like me today ~ 
While talking with Mic, the hacker said “When they first got Kindles and set them up, all their stuff was being logged and put into a database that includes a user’s email, password, city, state, phone number, zip code, user-agent, LastLoginIP, Proxy IP and street.”

0x2Taylor also revealed that he asked Amazon a sum of $700 and in return, he assured that the data will not be leaked however just like the vulnerability report Amazon also ignored his offer and in return he leaked the massive data dump on for anyone to download it.
The leaked file was scanned by data mining company Hacked-DB who confirm that the data is legit and never been leaked online before.
This is not the first time when Amazon had their server breached. In November 2015, Amazon started sending out emails to its users asking for a quick password reset, the reason was a possible breach of some of the users’ credentials.
Though Amazon has its own bug bounty and vulnerability reporting program yet it is unclear why the firm did not respond to the hacker. We have contacted Amazon and upon their reply, we will update this article.


Post a comment