Amazon has been accused of letting its junior staff spy on the shopping history of stars including Kanye West, actors from the Avengers films and a celebrity who bought several sex toys from the retail giant.
Thousands of the company's customer service employees around the world are said to have had 'free for all' access to look up anyone's purchase history.
The aim of the system was to speed up service, but some staff used their privileges to snoop on the buying habits of partners past and present as well as celebrities, former employees have alleged.
Amazon has been accused of letting its junior staff see the shopping history of stars including Kanye West (pictured), actors from the Avengers films and a celebrity who bought several sex toys from the retail giant
Despite such searches being against Amazon's rules, a former customer service manager told Wired that 'everybody did it'.
The revelations have been made public following an investigation by Wired and the Reveal radio show produced by the Center for Investigative Reporting, which is located in California.
They are based on interviews with ex-employees as well as memos and internal documents from 2015 to 2018.
One former Amazon worker, who has not been named, said he remembered his colleagues looking up the shopping history of rapper West and stars of the Marvel Avengers movies.
Another unnamed celebrity was found to have purchased sex toys, the ex-staff member added.
'Unruly vulnerabilities' allegedly allowed employees to start a 'research session' to look up a customer even when they were not on the phone.
Amazon's former chief information security officer Gary Gagnon described the system as a 'free for all' that left the US technology giant at risk of 'international threat actors'.
He told Wired that while he was with the company there was no internal system designed to prevent staff from abusing their access.
'It was all put together with tape and bubblegum,' Gagnon said.
Amazon said it had strict policies relating to accessing customer data and 'strongly rejected' the suggestion that abuse of these privileges is common.
An Amazon spokesperson told MailOnline: 'Across 25 years in business, Amazon has an exceptional track record of protecting customer data and has invested billions of dollars to build systems and processes to keep data secure.
'We have relentlessly high standards for security and privacy, and we continuously assess and implement new measures when we see opportunity to further strengthen our protections.
'The claims made in the Wired story are based on information that is outdated and out-of-context and have absolutely no bearing on Amazon's current security posture.'
'Unruly vulnerabilities' allegedly allowed employees to start a 'research session' to look up a customer even when they were not on the phone
It has also been claimed that in 2017 Amazon employees found that the names and American Express card numbers of up to 24 million customers had been left exposed on an internal network for two years.
The exposure was corrected but Gagnon said there was no way of knowing whether anyone had accessed the information while it was vulnerable to an attack.
This is because the logs of who had accessed the data only went back 90 days, something Gagnon said he was 'astonished by'.
It has been claimed that one of the causes of the issues was because Amazon staff had a tendency to copy data and store it in various locations, according to a 2018 security memo, resulting in a 'mostly undocumented proliferation of copies of their required data sets.'
Amazon insisted there was no evidence to suggest the data was ever exposed outside of the company's internal system.
Post a Comment