I use unique emails for everything so when I started getting spam to my amazon email, I knew it was leaked via amazon. The spam however was requests for reviews in exchange for compensation.
I reported this to Amazon and their response was basically to threaten me if I participated.
I never did see an email. I only found out by this thread. But I get so much spam from Amazon (and now Amazon.uk, since I gifted an open source dev in the UK from his wish list) that everything from them goes straight to junk. I even communicated directly with Amazon.uk and asked them to remove me, but the emails keep showing up.
based on spam email i have received, that i clearly should not have, i believe this was an exposure to marketplace sellers from whom you have bought a product.
I am very careful with my email. i’m not just guessing here. i actually reported it to amazon security. (no answer from them of course.)
I received the exact same message, so I initiated a chat with Amazon to ask if the email did indeed come from them and he said it did. He said it was only the email address and no other information and assured me my account was safe and secure. I was unable to find out to whom my email was disclosed.
Speaking as a person who frequently buys from Amazon, I've never experienced this. (No, it's not that promotional email from Amazon is going into my spam folder. I have to check my spam folder semi-regularly because gmail keeps flagging perfectly legitimate email as spam.) The mail I get from Amazon is order confirmations and a newsletter that I specifically signed up for. What's this promotional email that you're talking about?
hehe, same here. My email address was completely randomized, and only used for scribd too (something like f9xl203js@mydomain.com), so I was very sure it was either scribd, or it fell into the wrong hands. When the email ends up in the spam folder and mark as potential phishing as well - my gut feeling was therefore that my email was indeed leaked.
The irony is that the email itself was generated by scribd itself, and not by any spammers.
I assume they sold my email. I have no supporting evidence that they did. I did receive an email back from support saying they don't sell email addresses. I replied with more information.
I did just noticed 5 days before I received spam to the same email address from
Yeah, not sure what happened but I've been experiencing the same thing. My email was leaked onto the web many moons ago but the spam has been harassing me for just a year or so
I do not send emails directly to vendors. Email from them comes through the amazon intermediary system. I would reply to necessary vendor communications using the web interface.
The spam email I got was for a seller asking for me to review some product.
I contacted amazon but got no satisfaction. I had to change the email address I used for (only) amazon.
I have similar experiences in general, however I've been unlucky enough to be a victim of a couple of leaks like Adobe, Invision and Gfycat. Some marketplace retailers also leaked my email and couple of smaller stores too. Totally worth to know this.
That said - my general info@ email that's semi publicly (simple js obfuscation) available on the website is orders of magnitude more spammed than those leaked ones.
Not only I received that email too, but I received from three different addresses. I marked it as spam in all cases and I even responded to the first one that it has nothing to do with me or my business.
I received one of these emails. It does appear to genuinely be from Amazon.
The interesting thing to me is that some people seem to have received the email from no-reply@amazon.com. I received it from order-update@amazon.co.uk
Perhaps that's just due to being on different TLD but seems interesting to me that I should receive one from the order-update@amazon.co.uk address.
no-reply@amazon.co.uk exists and would seem like the better email to send out such a notice from. I'm curious why they'd use the order update email system.
Maybe the name and email was revealed as part of a mis-configured ordering process? Perhaps revealed to sellers and not a 'breach' in the traditional sense?
I've received a few email notifications for amazon products. They seems to be sent for new questions when you previously purchased the product (not necessarily received it yet).
This was one of the poorest emails I’ve received about a breach. I had to triple check it wasn’t an odd phishing attempt.
The email, in full:
——
Hello,
We’re contacting you to let you know that our website inadvertently disclosed your email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.
2/3 years ago I started registering for free trial at Emusic and gave a UNIQUE email addy on the 1st page. Then, when it started asking for my credit card, I curtailed my application.
So, I wasn't even a member of emusic (couldn't log in as you would expect). Yet, it obviously remembered my email addy and leaked it, as shortly after I started to get spam addressed to this email addy that I used exclusively for emusic.
I complained to them but a director replied denying that they had any security breach.
For a couple of years I got the odd spam using this addy. However, in the past few months I'm getting about 40/50 per day.
I'm not too concerned yet, as the spams are not very large and I can filter them to delete from server without downloading them. I'm just a bit worried that they are on the increase and could get larger and more of them to fill my server mailbox.
These are not isolated instances, there are quite a few articles and blogs about it. This is how I found here by googling "emusic spam"!
Anyone know how these sellers get your email address? I had a similar experience. The product met 90% of what I needed but the advertised 10% did not, and that 10% was critical for what I needed to do. I left a 2 or 3 star review (I forgot).
I kept getting spammed to my personal e-mail. I was not sure if they were sending through Amazon system or directly - my guess was directly. Later on I did modify my review. I reduced it by 1 more star.
Ok, the email in your profile requires a human to interpret it, but this is still most likely the case (I got that spam too).
If someone got it on the non-public email used for YC submissions, it would be a different story (HN security compromised, or someone with legitimate access to these addresses leaking them).
I reported this to Amazon and their response was basically to threaten me if I participated.
reply