Usernames, passwords and email addresses published online
A hacker that goes by the name of Darwinare claims to have breached Amazon UK (amazon.co.uk).To demonstrate the fact that he has hacked the website, the hacker has published the details of over 600 users, including names, usernames, passwords (some of which in clear text), email addresses, physical addresses, and registration dates.
“Amazon, I have no personal grudge against you. I just found a opening and exploited it. So don't worry, others will get the same to,” the hacker wrote on Twitter.
The data leak appears to be legitimate since I haven’t found the same data sets anywhere else online and I can confirm that at least some of the username / password combinations are valid.
However, the information doesn’t necessarily have to come from amazon.co.uk. The account details could have been compromised by a third-party website, similar to the incident that involved Twitter accounts earlier this week.
I’ve sent an email to Amazon UK and hopefully they can clarify the situation. The post will be updated as soon as they respond.
Update. Amazon representatives have responded to my inquiry. It appears that the information was most likely stolen from a third party service.
“There has been no compromise of Amazon's systems and this is not information from our database,” they stated.