Amazon Investigates Alleged Confidential Data Leaks

Amazon says it’s investigating allegations employees sold confidential data to vendors for bribes.

Amazon
David McNew / Getty

Amazon says it’s investigating allegations employees sold confidential data to vendors for bribes.

Online retail giant Amazon said Monday it was investigating claims that its employees had been bribed to hand over confidential information and remove negative product reviews. Employees at Amazon are selling data on reviewers, search engine optimization and sales metrics to independent vendors, according to Reuters.

The report stated confidential information is usually sold through third-party brokers, with the practice being particularly common in China. In one case, Amazon employees in the Chinese city of Shenzhen were allegedly found peddling data like reviewer email addresses and sales metrics for as much as $2,000. Data brokers have also offered Amazon vendors the ability to delete unfavorable reviews and restore banned accounts, the report said.

Amazon has responded by stating it’s investigating a handful of incidents, including some in the United States.

“We hold our employees to a high ethical standard and anyone in violation of our code faces discipline, including termination and potential legal and criminal penalties,” an Amazon spokesperson told CNN.

The company also warned vendors they could face penalties if they’re caught purchasing confidential data from employees or middlemen.

“We have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them, including terminating their selling accounts, deleting reviews, withholding funds, and taking legal action.”

According to the spokesperson, the company can track down data leaks with “sophisticated systems to restrict and audit access to information.”

Amazon has been battling data breaches and unscrupulous practices for years. In 2017, the company saw a wave of data breaches centered around its subsidiary, the cloud platform provider Amazon Web Services (AWS). In one case, the private information of over 120 million Americans was found exposed in an AWS storage bucket, where it could be accessed by anyone with an account. AWS accounts are free, and, according to Forbes the data could be accessed by anyone with log in details and the URL.

Along with plunging data breaches, in recent years Amazon has also sought to crack down on misleading and fake product reviews. In 2015, the e-commerce giant sued over 1,000 people accused of selling bogus product reviews via gig platform Fiverr.com.

“Most of the defendants offer positive or 5-star reviews for Amazon sellers’ products,” Amazon alleged in court documents, according to CNN.

“Indeed, many encourage the Amazon seller to create the text for their own reviews,” the company stated.

At the time, Amazon spokesperson Julie Law said fake reviews represent just a “small fraction” of all product reviews on the website, but warned the company is willing to take action against offending vendors.

“We terminate accounts that abuse the system and we take legal action,” she said.