This weekend Amazon.com reset the passwords for a number of their users to protect their accounts.
It appears from a post on Venturebeat that Amazon saw a list of compromised passwords for other websites on the black web. They realise that users often use the same email address and password combination for multiple websites, checked the list against the Amazon user database and if they spotted a match changed the password.
In an email sent to affected customers, Amazon said “While the list was not Amazon-related, we know that many customers reuse their passwords on multiple websites. Since we believe your email addresses and passwords were on the list, we have assigned a temporary password to your Amazon.com account out of an abundance of caution“.
Great to see a company pro-actively taking action to protect their users, especially as most Amazon users will have their payment credentials saved in Amazon and so ordering products is just too easy for anyone with access to your account. The bad news is that yet again the weakness of passwords is highlighted as us humans. Passwords are too difficult to remember so we tend to reuse our favourites and that does mean if our password is compromised on one website the hackers are likely to be able to get into multiple accounts across the web.
One Response
I’ve had this email twice from Amazon in the last 6 months, but not this time.