Published June 6, 2025

Amazon hacked? What you need to know (and do) in 2025


Have you searched “Amazon hacked” recently? If so, this is not surprising. With data breaches, sophisticated scams and hacks making headlines almost weekly, people are increasingly concerned about the safety of their Amazon accounts. While there’s no evidence Amazon’s own systems have ever been compromised, third-party breaches and Amazon fraud pose real risks to both shoppers and sellers. 

In this article, we’ll discuss third-party incidents linked to Amazon, highlight the latest scams targeting users, and share the steps that will help you secure your account and personal information. Whether you’re a regular buyer or run a business on Amazon, being informed is one of the best ways to stay protected.

Was Amazon hacked recently?

Rumors have linked Amazon to multiple hacks and data breaches, but the company has responded to just a few. To give you a clearer picture of the scope and scale, here’s a look at some of the most recent security incidents, both confirmed and speculative.

MOVEit breach

In 2023, a file transfer platform developed by Progress Software, MOVEit, was breached by a ransomware group called Cl0p. Although Amazon wasn’t using the software directly, its third-party service providers transferred personal data via the file transfer platform, which resulted in 2.8 million Amazon employee records being leaked.

In addition to Amazon, 2500 other companies, including Lenovo, McDonald’s, and Delta Dental, were impacted by the breach. Over 80% of the companies were based in the U.S., and the incident compromised the information of over 95 million people.

A year later, a threat actor called “Nam3L3ss” revealed the breach on the dark web. The hackers obtained Amazon employees’ names, phone numbers, work email addresses, and office locations. Amazon emphasized that sensitive personal details, such as Social Security numbers (SSN) and financial information, were not compromised.

“Amazon and AWS systems remain secure, and we have not experienced a security event,” an Amazon spokesperson stated. Upon discovering the incident, the company collaborated with the affected vendor to remediate the vulnerability. Employees were notified and advised on how to protect themselves after the leak, and no class actions were filed. 

Amazon Ring ransomware rumors

We currently have no indications that Ring experienced a ransomware event.

Amazon Ring spokesperson, in an email to Mashable

On March 13th, 2023, the ALPHV ransomware group claimed to have breached Ring, an Amazon-owned company known for doorbell and home security cameras. Amazon denied the breach of its internal systems and shifted the responsibility to a third-party vendor. The affected vendor, the statement continues, had no access to customer information. 

The audio and video data uploaded to Amazon cloud services is end-to-end encrypted, which makes unauthorized access to the user’s media files difficult. Still, Amazon’s internal communications suggest that the situation wasn’t taken lightly, and security measures were tightened up. 

As no customer data was leaked, there is no solid evidence to confirm this was an Amazon security breach. Regardless, the incident sparked criticism over Ring’s overall privacy measures. Even unsupported rumors about a brand can shake consumer trust. 

HipShipper shipping leak

In 2024, HipShipper, an international logistics company integrated into e-commerce platforms like Amazon, Shopify, and eBay, experienced a security incident that exposed 14.3 million shipping records.

The incident was discovered on December 2nd, 2024, when Cybernews researchers found an unprotected HipShipper cloud storage bucket. The leak was contained on January 9th, 2025. During that time, Amazon customers’ full names, street addresses, phone numbers, and some other order details were exposed. 


Amazon hacked: Debunking the myths 

Amazon’s infrastructure has not been compromised 

So, was Amazon hacked? At present, Amazon’s retail and AWS core systems remain intact and unaffected by breaches. All the rumored and proven security incidents were related to Amazon’s third-party vendors.

Key lessons from AWS data breaches

Amazon Web Services (AWS) is a set of on-demand cloud computing platforms made by Amazon. It is used by governments, companies, and individual developers to host websites, store and analyze data, run software, stream content, train machine learning models, and build scalable systems.

Although AWS provides secure infrastructure, customers need to configure their own settings, manage access, and protect their data. The following breaches were not due to flaws in AWS but a result of customer-side misconfigurations or compromised credentials. 

  • In the Capital One data breach, a former AWS employee used a firewall vulnerability on the AWS-hosted Capital One server to access the personal data of approximately 100 million customers. This incident shows that a misconfigured firewall can be used to breach even the most secure infrastructure. 
  • The Pegasus Airlines breach happened as a result of an unprotected AWS S3 storage bucket, which exposed 6.5 terabytes of sensitive data, including flight charts and personnel information. Clearly, it’s up to AWS customers to secure AWS S3 buckets with proper access control. 
  • Hackers also used compromised AWS keys to breach the Codefinger AWS-hosted systems and deploy ransomware. This incident points out the importance of updating API keys and access credentials regularly and utilizing multi-factor authentication (MFA) whenever possible. 

Implications for Amazon

According to Statista, 56% of Americans wouldn’t feel comfortable disclosing their personal data to a company that had experienced a data breach. Although Amazon and AWS systems were not directly breached, the association with compromised data led many people to question the brand’s overall trustworthiness and security practices.

Ongoing threats to Amazon users

Amazon buyers and sellers remain prime targets for cybercriminals. Bad actors try to impersonate Amazon, exploit platform features, and design compelling social engineering attacks.

Here is a breakdown of some of the most prominent scam strategies observed in 2025. To learn more about current Amazon cyber attack methods, see our full guide here: Amazon scams

Amazon impersonation scams

Users have reported a rise in phishing attempts in the form of fake Amazon Prime renewal notifications. The alert that your Prime membership is about to expire comes with a PDF document (31 versions identified so far) containing a bunch of redirection links that take you to faux Amazon pages. 

Over 1000 malicious Amazon domains have been registered recently. Each of these sites was designed to trick you into revealing your account credentials and credit card information. 

Targeted scams and Amazon cyber attack campaigns

  • iPhone 16 Amazon scam: Several Reddit users have complained about receiving calls from pretend Amazon customer support agents asking to verify an order for the smartphone. The goal of these scams is to trick the confused user into handing over their login credentials or financial information. 
  • Credential stuffing: Scammers often try their luck with login credentials that were leaked in previous data breaches, hoping customers reused them for their Amazon account.
  • Pre-stolen information: Exposed login credentials or leaked email addresses can be used to set up targeted phishing emails, texts containing fake SMS links, or phone scams. These fake messages may appear to be from Amazon or another trustworthy source.

Amazon seller account takeovers

On January 16th, 2025, the Amazon account of a Singapore-based baby and maternity brand, KeaBabies, was hacked. Scammers were able to change the admin email, bypass the mobile one-time password (OTP) request, and lock out the account owner. 

Next, the attackers changed the banking details and tried to divert approximately $31,000. The seller, which generates $78 million annually and $230,000 daily, had their business on hold for seven days before access was restored. 

With Amazon’s current seller protection measures being limited, the scammers were able to obstruct recovery efforts for a while, causing serious operational and financial damage.

How to know if your Amazon account is compromised?

The following signs indicate that your Amazon account has been hacked:

  • Your login credentials suddenly don’t work, and you can’t log in.
  • Orders that you didn’t make appear in your purchase history.
  • Your street address and payment information have been altered to divert packages. 
  • Notifications indicate someone has been trying to change your password or trigger two-factor authentication (2FA) on your phone. 

If you notice suspicious activity or lose access to your account, it’s important to stay calm and take swift action. 

What to do if you’ve been hacked?


After an account hack, follow these damage-control steps:

  • Change your Amazon password and enable 2FA immediately.
  • Check your recent account activity and shipping addresses.
  • Use antivirus software to scan for keyloggers and malware.
  • Report the issue to Amazon via its support or “Report a Scam” page.
  • Monitor your bank and credit accounts for fraud.

How to protect your Amazon account going forward?

Update your passwords regularly (every 30-90 days)

Changing your passwords quarterly is a best practice to enhance online security. This helps limit the window of exposure if a password is compromised. Make your passwords strong and unique, and make sure you don’t reuse them. A password manager can help you keep track of all your passwords and suggest new ones.

Turn on app-based two-factor authentication

You will have to approve each login through a link or code sent by email or text, or preferably through a specialized app. This might feel dull at times, but it adds an extra layer of protection against anyone trying to hack your account.

Learn to recognize real vs. fake Amazon communications 

Amazon will never ask you to reveal your sensitive info, such as your password or full credit card number, via email or text. Real messages will come from an official email domain (@amazon.com). Fake communications, often containing grammatical errors, might warn you that your account is getting closed or that a purchase is pending, requesting urgent action.

Never click suspicious links or downloads

Emails and texts containing links or files might carry malware or lead to malicious pages. These phishing attempts may seem real, but they are not. Stay wary of any offers that feel too good to be true, and don’t click suspicious links or files.

Watch for phishing emails and fake Amazon URLs 

Official Amazon URLs will begin with https://www.amazon.com/ or a trusted country-specific domain. Hover over links in emails to preview the real URL before clicking. If in doubt, go directly to Amazon’s website and navigate manually.
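
The hover check described above can be automated for an HTML email body. This is an added example, not code from the article or from Amazon: it pairs each link's visible text with its real destination and classifies the destination host. The domain allowlist is a partial, assumed list, and the sample email and `.example` hosts are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: partial allowlist of Amazon retail domains; extend it for your region.
OFFICIAL_DOMAINS = ("amazon.com", "amazon.co.uk", "amazon.de", "amazon.ca", "amazon.co.jp")

def classify_link(url):
    """Return 'official' or the reason the link should not be trusted."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "unparseable URL"
    if parts.scheme != "https":
        return "not https"
    if parts.username is not None:
        return "userinfo trick: the real host follows the '@'"
    if not host.isascii() or "xn--" in host:
        return "internationalized host, possible lookalike characters"
    if any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS):
        return "official"
    return "brand in host, domain not Amazon's" if "amazon" in host else "unrelated domain"

class LinkCollector(HTMLParser):
    """Collects (visible text, href) pairs: what hovering over each link would reveal."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def audit_email(html):
    """Return (visible text, href, verdict) for every link in an HTML email body."""
    collector = LinkCollector()
    collector.feed(html)
    return [(text, href, classify_link(href)) for text, href in collector.links]

# Constructed sample email body, not a real message; .example hosts are placeholders.
SAMPLE = ('<a href="https://amazon.com.renew-prime.example/signin">https://www.amazon.com/prime</a> '
          '<a href="https://www.amazon.com/gp/css/order-history">your orders</a>')
if __name__ == "__main__":
    print(audit_email(SAMPLE))
```

The first sample link shows why the visible text cannot be trusted: it displays an amazon.com address while the destination host only starts with that name.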

Check Amazon sign-in and payment history

Make it a habit to review your logged-in devices and your order and payment history every month, or each time you receive suspicious emails or texts.


Minimize your digital footprint to stay safer online

Bad actors don’t need to hack you directly: they often collect personal information from data broker websites and use it to create targeted phishing attacks. The more data exists about you, the more compelling these scams become. 

A simple way of boosting your cybersecurity is by reducing your digital footprint. First and foremost, see what information is out there by looking yourself up on data broker sites. Onerep has automated this process, so we can scan over 200 public data broker websites. The scan is quick and takes less than 5 minutes.  

To remove your personal information, you’ll need to submit an opt-out request to each website that publishes your data and return later to verify that it’s been taken down. If it hasn’t, make sure you repeat the opt-out until your data is fully removed. To save time and avoid this tedious work, you can delegate the entire process to us and we’ll handle it automatically on your behalf. 

Final thoughts

While Amazon itself hasn’t been directly hacked, the risks surrounding the platform are very real—from third-party data breaches to sophisticated scams. As cyber threats continue to evolve, so should your defenses.

Staying informed and proactive is your best protection against such risks. Be sure to protect your accounts with layered security and remain vigilant for red flags. Limiting your online exposure is critical, and tools like Onerep can help you protect your privacy and save time. 

FAQs

Has Amazon ever had a data breach?

Amazon and AWS have never experienced a data breach. Still, they have been connected with various third-party data breaches. 

Was Amazon hacked in 2024?

No, Amazon was not hacked in 2024. A third-party vendor suffered a data breach affecting Amazon’s customers.

How do I know if my Amazon account was compromised?

Your Amazon account might be compromised if you can’t log in, notice suspicious new orders or changes in your personal and payment information, and receive notifications of password change attempts or MFA requests. 

Is it safe to keep credit card info on Amazon?

It’s generally safe to keep your credit card info on Amazon, but it’s always better not to. Amazon has strong security measures and encryption, but even large institutions can get breached. 

What’s the best way to secure my Amazon account?

You can secure your Amazon account by using a strong and unique password and enabling MFA. Remember to regularly review your login activity and purchase history, especially if you receive suspicious emails or notifications. Watch out for phishing emails and texts that appear to be from Amazon, and never click links or download files. 

Mikalai Shershan Chief Technical Officer at Onerep

Mikalai is a Chief Technical Officer at Onerep. With a degree in Computer Science, he headed the developer team that automated the previously manual process of removing personal information from data brokers, making Onerep the industry’s first fully automated tool to bulk-remove unauthorized profiles from the internet.
