• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • February 28th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Hacking News

Hacker Steals Amazon Marketplace Credentials from 3rd Party Server

July 19th, 2016 Waqas Hacking News, Security 0 comments
Hacker Steals Amazon Marketplace Credentials from 3rd Party Server
Share on FacebookShare on Twitter

A hacker has stolen Amazon Marketplace data from a 3rd-party server — He is now offering the data on an underground forum for BTC 0.02!

A hacker going by the online handle of 0xTaylor has claimed to have stolen a database from an unknown third-party server that contains data on several platforms including Amazon Marketplace.

0xTaylor who is currently selling the database online for BTC 0.02 (13.51 US Dollar) told Israeli data mining company Hacked-DB that “This data isn’t directly from Amazon it’s from another service that is associated with Amazon.” alongside Amazon‘s regular offerings.

Screenshot shows hacker is offering data in Bitcoins

The screenshot shows hacker is offering data in Bitcoins

For those who are not familiar with Amazon Marketplace, it’s an e-commerce platform owned and operated by Amazon.com Inc. that enables third-party sellers to sell new and used offerings on Amazon.com’s fixed-price online marketplace alongside Amazon’s regular offerings.

We requested Hacked-DB for an in-depth analysis of the data and below are their findings:

The leaked data size is 706MB with 118K lines and includes 110,000 unique email addresses detected from various providers but the vast majority is related to Amazon marketplace emails, however, the email addresses are encrypted as shown in the Amazon Buyer-Seller Messaging Service page which states that “By using the Buyer-Seller Messaging Service, both buyers and sellers communicate with each other via encrypted e-mail addresses. For example, if a buyer wants to contact a seller, the Buyer-Seller Messaging Service will assign an encrypted alias, such as a222d34b3891234b@marketplace.amazon.com, instead of displaying the seller’s real e-mail address. Emails are routed to the seller via this encrypted alias.”

Other than those encrypted emails the data also includes information such as phone numbers, postal codes, first and last names, country, state, address, buyer emails addresses, product purchased and buyer notes. There are also multiple fields related to internal operations such as order total, amount, currency and ship date etc.

While talking to HackRead, cyber security analysts Oren Yaakobi from Hacked-DB said that “Based on the leaked data we cannot indicate which website has been compromised. The information discloses sensitive data and can lead to identity impersonation, identity theft and targeted attacks on users who used this service.”

Here is an exclusive screenshot from the leaked data: 

hacker-steals-amazon-marketplace-credentials-3rd-party-website

Here is a list of emails found in the leaked data:

hacker-steals-amazon-marketplace-credentials-3rd-party-website-3

Don’t be surprised about this leak as this is not the first time data related to Amazon customer is available online. Just last week a hacker leaked data of 800,000 Amazon customers that included emails, session keys, city, state, phone number, zip code, user-agent, LastLoginIP, Proxy IP and street details.

Last time, we contacted Amazon for a statement but there was no reply from the company, however, we have contacted Amazon once again for a statement on its marketplace data and in case they decided to reply we will update this article.

  • Tags
  • Amazon
  • breach
  • Data
  • hacking
  • internet
  • LEAKS
  • Privacy
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Alpine County Superior Court, CA Website Hacked Against Trump and Racism
Next article Baton Rouge City Website Hacked Against Alton Sterling's Death
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Microsoft release open-source CodeQL queries to hunt SolarWinds hacks

Microsoft release open-source CodeQL queries to hunt SolarWinds hacks

Hackers using malicious Firefox extension to phish Gmail credentials

Hackers using malicious Firefox extension to phish Gmail credentials

Cryptocurrency exchange in liquidation due to hack, hacked again

Cryptocurrency exchange in liquidation due to hack, hacked again

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Microsoft release open-source CodeQL queries to hunt SolarWinds hacks
Microsoft

Microsoft release open-source CodeQL queries to hunt SolarWinds hacks

Hackers using malicious Firefox extension to phish Gmail credentials
Security

Hackers using malicious Firefox extension to phish Gmail credentials

Apple Glass may feature 3D Audio and Self-Cleaning in new patent
Technology News

Apple Glass may feature 3D Audio and Self-Cleaning in new patent

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us