Amazon Hit by a Major Data Breach, days to the Multi-Billion Dollars Shopping Day, the Black Friday.
Financial News

Amazon Hit by a Major Data Breach, days to the Multi-Billion Dollars Shopping Day, the Black Friday.

EPF Last Update: December 17, 2018

Just a couple of days to the wake of Black Friday, Amazon has suffered a significant data breach which resulted in customer names and email addresses getting disclosed on the website.

It has come as a major surprise, especially to the customers even as the e-commerce giant in a statement admitted to having emailed affected customers. However, they have declined to give more information especially regarding the affected individual and or their respective locations.

According to the firm, this was not a breach of its website or systems. It was a technical glitch that accidentally displayed customer names and email addresses to its website.
“We have fixed the issue and informed customers who may have been impacted.” Declared the Amazon on a Press Statement.

As an informative email to the affected clients, the Amazon wrote: “Our website inadvertently disclosed your email address or name and email address due to a technical error. The issue has been fixed. It is not a result of anything you have done, and there is no need for you to change your password or take any other action. The impacted customers have been contacted.”

The firm further added that: “Amazon takes all security-related matters very seriously, and your account security is our top priority. We have policies and security measures in place to ensure that your personal information remains secure.”

The news did not do the customer any good especially considering its timing as many customers had started feeling the chills and thrills of inbounding Black Friday, best few days for best market deals.
According to Amazon, there should be no significant cause for concern for the customers, a statement which is not convening to all the experts.
Richard Walters, the chief technical officer of cybersecurity firm CensorNet, for instance, told those affected to ignore Amazons’ advice and consider changing their passwords.

We live in a society that experiences technological development each second and with thousand threats that come along with it in about the same time, as a precautionary measure, here are further security steps you should take to prevent your account from such occurrences in the future:

Monitor your passwords

Time and again, it is advised that we use complex passwords, this, however, is not always the case until such misfortunes befall us. It is crucial to adopt strong passwords practices for your users to protect the security of your accounts.

As much as you may not like it, embracing strong password requirements such as a minimum of around eight characters, uppercase letter and numbers included will help to protect your account information in the long run.

Avoid unnecessary file uploads

Now and then, we upload files to the websites and personal accounts not knowing how a big website security risk it can result in, even if it’s merely to change of a profile avatar. Such files could contain a script that when executed on the server, completely leaves your account vulnerable to hackers activities.

Some simple yet effective precautionary options include renaming the file on upload to ensure the correct file extension, or to change the file permissions.
Ultimately, the recommended solution is to deny direct access to uploaded files altogether. This way, any data uploaded to your website are stored in a folder outside of the web root or in the database as a blob.

Use HyperText Transfer Protocol Secure (HTTPS)

HTTPS is a protocol used to issue security over the Internet. It ensures that users are in communication with the right server and that nobody else can change or tap the content in transit.

Get website security tools

You need to take time and test your website/account security. The best way of doing this is through the use of some website security tools, also called penetration testing or pen testing.
We have many premium and free products to help you with this. They work the same way as scripts hackers-they test all known exploits and try to compromise your site using methods such as SQL Injection.
Some free tools that are worth looking at:
Netsparker – Good for testing SQL injection and XSS

Limit the visitors’ network access

Create a separate wifi connection for guests. Allow them access only to a restricted internet connection in your office that cannot access your cloud resources, or other confidential information.

Have clear data disposal policies

For instance, shred any paper with classified information before disposing of, wipe clean all the disk drives before disposing of.
Besides, include a proper procedure in case of a lost device. In the event of shared accounts, Integrate these policies into your employee training and have them tested regularly

Have a cybersecurity specialist.

In the case of a firm, educate your employees by bringing in a cybersecurity expert to speak about best ways to keep the security of the data. The sad truth is even the most prominent companies (e.g., Google) can fall victims of hacking. The most useful thing you can do is educate yourself on recent incidents and make sure the correct precautions are in place to prevent such.
Employ Intrusion Prevention and Detection
Intrusion prevention and detection systems are necessary for all systems that are accessible via the Internet, such as e-mail systems, active directory server, servers that store personal, customer or employee data and many more.

Update your software

Usually, companies like Microsoft offer an update to your software because they found a weak point in the system and fixed it. Therefore, Installing a patch provides you with the latest and secure version of the system. Don’t ignore the updates.

The above listed are some of the precautionary measures you can take to prevent your account, servers, and system from being an easy target to the hackers. Act now!

If you want to learn from us, here is what we have for you after about 3 years of work:

100 Tips to Prevent Identity Theft

Read More About Identity Theft Here

Identity Theft SafeGuard

Elite Personal Finance

Previous articals

Recommended Articles

The Best Travel Reward Credit Card Offers in 2016

Should I Purchase A Flight With Cash Or Miles?

EPF July 14, 2019

When travelling abroad or across the United States, you usually have the option to buy your ticket with cash or miles. However, a study by found that 31% of card holders don’t end up redeeming their flight rewards. Surprising,...


How The Apple Card Is Revolutionizing The Credit Card Market

EPF July 7, 2019

When Apple first announced it was launching its very own credit card, loyalists and skeptics took notice. Designed with simplicity, transparency and privacy in mind, the credit card was meant to help consumers lead a healthier financial lifestyle. And with...

Privacy & Security

Privacy and Security

Elite Personal Finance takes your privacy very seriously.

We always use a secure and up-to-date SSL certificate to provide a private connection to our site.

Learn more

We have a very transparent privacy policy.

Learn more

We help you to be safe online by writing guides on safety, security and identity theft.

Learn more

In addition, we collect only minimum and necessary personal details on our site. In brief, visiting our site is ultimately safe and secure. However, we have to say that no one can be 100% secure online.

AS SEEN ON Protection Status