Information may have been improperly stored, leaving it potentially exposed to third-parties.
An unknown number of Amazon users have been told to change their passwords, for fear that their accounts may have been compromised. The Washington Post reports that the issue was first identified by tech news site ZDNet, after readers reported that they received an email stating that Amazon had reset their passwords. The account message center confirmed the change, and its legitimacy.
Users received an email saying that Amazon had “recently discovered that your Amazon password may have been improperly stored on your device or transmitted to Amazon in a way that could potentially expose it to a third party,” ZDNet posted. Amazon said in the email that there is “no reason” to believe that the passwords were obtained by a third party. The company says it is only taking action as a precaution.
Amazon began offering two-factor authentication for its customers, last week. Two-factor authentication a security measure by which users must verify their identity through a method beyond just a password. A code sent via email or text is a common secondary verification method.
This is not the first time Amazon has had to have customers reset their passwords. In 2010, some customers had their passwords reset after Amazon realized their emails and passwords were posted online. The company stated that the issue was due to customer account re-use, rather than an internal issue.