Skip to Content
Security & privacy

Amazon leaks customer email addresses due to error

Just in time for the biggest shopping weekend of the year, scammers and con artists are out in full force to try and swindle you out of your hard-earned cash.

With online shoppers searching high and low for the best deals around, crooks are looking for opportunities to victimize unsuspecting bargain hunters.

One of the most popular cybercriminal tools out there is the phishing email. Many phishing attacks lead to victims clicking a malicious link and giving the scammer their log-in credentials on a spoofed site.

However, one message that’s making the rounds is a cause of concern. Please check your inbox now and see if you’ve received this email lately.

Have you received this Amazon email yet?

Did you get an email from Amazon recently about a “technical error” that publicly exposed your email address at its website? Well, apparently, you’re not the only one.

Betanews recently reported that a number of people have posted on Amazon’s forums about an email that they received concerning a “technical error” that exposed their email addresses. Looking at the original post, it looks like the message was sent to both Amazon third-party seller and customer accounts.

Amazon Forums

Amazon did not give any further details about this incident nor did it disclose the number of people that were affected by this incident. However, if you received this email, you were definitely impacted by it.

Here’s what the email has to say:


We’re contacting you to let you know that our website inadvertently disclosed your email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.

Sincerely, Customer Service

Recipients of the email are rightfully concerned about the lack of details about the incident. There’s no word about the duration of the exposure, the regions that were affected, what other types of information were exposed nor the exact nature of the bug.

The only thing that Amazon disclosed is that the issue is now resolved and no further action is required. Not that reassuring, right?

Is this a phishing scam?

Based on the forum comments, the messages were indeed from Amazon. The email headers and server IP all show that they all originated from a legitimate Amazon address.

The messages also did not contain any malicious links nor phone numbers, typical of phishing campaigns. As far as everyone can tell, it is definitely an official email from Amazon’s customer support.

Was it a breach?

Understandably, if you received this email, you’re probably worried that your Amazon account is at risk.

But in an official statement, Amazon said that neither its website nor its systems were breached. The company said that email exposure was caused by an internal error or bug.

Amazon also stressed that the issue was fixed and it has informed the customers who may have been impacted. Customers who received the emails were also told that a password reset is not required.

As a word of caution, though, if you did receive this message, I strongly recommend that you change your password anyway as soon as you can.

How to contact Amazon support

If you have any questions about this incident, you can contact Amazon’s customer support numbers and ask them how this could impact your account. Here are the numbers: 888-280-4331 and 888-280-3321. You could jot this down on a piece of note paper and keep it next to your computer or even send it to yourself as an email so you always have it on hand.

If you don’t have access to the number, you could visit Amazon’s Contact Us page. There, you will find multiple ways to contact Amazon, including its customer service number, email, or even an instant chat option with a representative.

Be on high alert for phishing scams

Although this notification was an official Amazon message, scammers will most capitalize on this blunder. With some of Amazon seller and customer emails inadvertently exposed, these can be used for future phishing scams. To protect yourself from the fallout, here are some things you can do to help avoid falling victim to phishing scams:

How to avoid phishing scams

  • Be cautious with links – If you get an email or notification from a site that you find suspicious, don’t click on its links. It’s better to type the website’s address directly into a browser than clicking on a link. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn’t what the link claims, do not click on it.
  • Do an online search – If you get a notification that seems suspicious, you should do an online search on the topic. If it’s a scam, there are probably people online complaining about it and you can find more information.
  • Watch for typos – Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos.
  • Use multi-level authentication – When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts.
  • Have strong security software – Having strong protection on your family’s gadgets is very important. The best defense against digital threats is strong security software.

Stop robocalls for good with Kim’s new eBook

Robocalls interrupt us constantly and scam Americans out of millions of dollars every year. Learn Kim's best tricks for stopping annoying robocalls in this handy guide.

Get the eBook