Hacker Steals Amazon Marketplace Credentials from 3rd Party Server

A hacker has stolen Amazon Marketplace data from a 3rd-party server — He is now offering the data on an underground forum for BTC 0.02!

A hacker going by the online handle of 0xTaylor has claimed to have stolen a database from an unknown third-party server that contains data on several platforms including Amazon Marketplace.

0xTaylor, who is currently selling the database online for BTC 0.02 (13.51 US Dollar), told Israeli data mining company Hacked-DB that “This data isn’t directly from Amazon it’s from another service that is associated with Amazon.”

The screenshot shows hacker is offering data in Bitcoins

For those who are not familiar with Amazon Marketplace, it’s an e-commerce platform owned and operated by Amazon.com Inc. that enables third-party sellers to sell new and used offerings on Amazon.com’s fixed-price online marketplace alongside Amazon’s regular offerings.

We asked Hacked-DB for an in-depth analysis of the data, and below are their findings:

The leaked data is 706MB in size with 118K lines and includes 110,000 unique email addresses from various providers, the vast majority of which are Amazon Marketplace addresses. However, those email addresses are encrypted, as described on the Amazon Buyer-Seller Messaging Service page, which states that “By using the Buyer-Seller Messaging Service, both buyers and sellers communicate with each other via encrypted e-mail addresses. For example, if a buyer wants to contact a seller, the Buyer-Seller Messaging Service will assign an encrypted alias, such as a222d34b3891234b@marketplace.amazon.com, instead of displaying the seller’s real e-mail address. Emails are routed to the seller via this encrypted alias.”

Other than those encrypted emails, the data also includes information such as phone numbers, postal codes, first and last names, country, state, address, buyer email addresses, product purchased and buyer notes. There are also multiple fields related to internal operations, such as order total, amount, currency and ship date.

While talking to HackRead, cyber security analyst Oren Yaakobi from Hacked-DB said that “Based on the leaked data we cannot indicate which website has been compromised. The information discloses sensitive data and can lead to identity impersonation, identity theft and targeted attacks on users who used this service.”

Here is an exclusive screenshot from the leaked data: 


Here is a list of emails found in the leaked data:


Don’t be surprised about this leak, as this is not the first time data related to Amazon customers has been available online. Just last week, a hacker leaked data of 800,000 Amazon customers that included emails, session keys, city, state, phone number, zip code, user-agent, LastLoginIP, Proxy IP and street details.

Last time, we contacted Amazon for a statement but there was no reply from the company. We have contacted Amazon once again for a statement on its marketplace data and will update this article if the company replies.
