Hacking And Fraud Amazon Customers Hit Hard amazon store cc login, card cvs number
Amazon’s UK branch has seen better times, as it was exposed
to “extensive” fraud by still unidentified hackers that managed to
siphon funds from merchant accounts over a six month period last year.
The company says that it was a victim of online hackers who had managed to break into over 100 merchant accounts and channeled money from loans and sales to their own bank accounts. According to the legal document filed in the UK, the breach took place between May and October of 2018. The redacted document, which was filed in November of last year, has finally been made public.
The online shopping giant said that while it was
investigating the compromised accounts, it was found that that the malicious
actors had changed account details on its Seller Central platform. They
diverted the funds to accounts that were owned by Barclays Plc and Prepay
Technologies Ltd (a company that is partly owned by Mastercard).
The general thought is that the accounts were compromised by
successful phishing attacks that managed to extract valuable and confidential
login information from the compromised merchants. The investigation is now
finished according to a spokesperson for the company.
Many in the information security industry are using this as an example of how such a vast automated system with very little human input can be easily breached . It also points to the difficulty that Amazon had in finding the perpetrators responsible looking at how long the investigation has taken.
The lawyers for Amazon have asked a judge in London to
approve searches of Barclay’s and Prepay accounts that are suspected of being
involved in the breach. They believe that many of these accounts were used as
middle-men and had seent heir owners be an innocent party that was mixed up in
When Barclay’s was asked for a comment, they declined to
comment on specifics, but they did reiterate that they close down accounts used
by criminals to protect their customers. Prepay did not offer any comment
Amazon stated that they needed the documents “to investigate
the fraud, identify and pursue the wrongdoers, locate the whereabouts of
misappropriated funds, bring the fraud to an end and deter future
wrongdoing.” This was their line of reasoning used in the recent court
What is missing from the filing, at this point, is how the
malicious actors were able to add the details to “their” accounts at
Barclay’s and Prepay. One of the Amazon units that were named in the filing is
Amazon Capital Services UK, which provides short term loans to merchants to
help with growth that was not expected nor planned for. These loans are
one-year long maximum and serve only to provide a short term fix.
One thing that many in the industry want to know is how much
of the cash that was issued last year as loans was siphoned. Amazon has not
mentioned a number in the filing that was publically available, but they have
mentioned previously that they issued over one billion dollars for 2018. While
this might be a drop in the ocean for a company as large as Amazon, the real
victims of this hack were the merchants.
Many smaller companies and sellers use the Amazon platform to extend their customer base and these loans would have been critical for them to keep their businesses afloat in a period where the demand was too high to keep up with available supply. The loans offered a reprieve until profits caught up with the increase in dem, and for goods, but with the siphoning hack , many could have seent heir businesses damaged beyond repair.
There is no data at this present time on what businesses
were breached and what the fallout is expected to be, but it does show that
online information security should be at the top of every merchant’s list so
that something like this does not happen again.
amazon store cc login card cvs number