Following the news that hackers are targeting third-party sellers on Amazon.com, Andy Heather, Vice President and General Manager, EMEA at Centrify commented below.
Andy Heather, Vice President and General Manager, EMEA at Centrify:
“The news that hackers are targeting third-party sellers on Amazon.com, and using stolen credentials to post fake deals is no real surprise. Compromised credentials are often the root cause of many major breaches, as hackers target networks through trusted third-party suppliers and contractors who likely have less rigorous security than the ultimate target.
Proper security procedures and due diligence should be applied right across the supply chain, and not remain entirely with Amazon. This certainly won’t be the last time we see third parties being hacked – organisations need to up the security stakes with multi-factor authentication, which requires more than one method of authentication to verify the user’s identity for a login or other transaction, in order to stop the use of stolen credentials.
Amazon and those third party targets should be advising affected customers to, at the very least, change their passwords – especially if using the same one on different websites – to protect themselves against any repercussions. Monitoring for any suspicious activity on bank accounts, and being wary of phishing mails would also put them in good stead.”
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
