Amazon has force-reset some account passwords

Amazon hasn’t been hacked; rather, it’s saying that passwords may have been stored or transmitted insecurely, ZDNet reported Tuesday morning. The company writes that their password “may have been improperly stored on your device or transmitted to Amazon in a way that could potentially expose it to a third party”. According to the e-commerce giant, “We have corrected the issue to prevent this exposure”.

Amazon is being cautious; the email states that it doesn’t believe that passwords have fallen into the wrong hands.

Amazon did not immediately respond to a Washington Post request for comment on the situation that requested information about the cause of the incident and how many people were affected.

Data breaches have been occurring frequently in 2015.

The Amazon user tweeted at the company to question whether the email was legitimate. In light of these unknowns, it may be a good idea to change your Amazon password now as a precautionary measure.

Nonetheless, any security issue has the potential to disrupt regular site activity, and no company would want to experience such a disruption right ahead of the Black Friday and Cyber Monday weekend.

It’s not new for companies to force-reset account passwords if they have suffered a data breach, for example. Amazon is even offering special deals that can only be obtained through its smartphone and tablet apps.

There is no word from Amazon on whether the introduction of two-step verification is related to the password reset notices. Affected Amazon users will be able to regain access to their account by following the instructions given in the email. However, two-factor authentication isn’t something users are required to enable, so many accounts can still be left vulnerable to attack.