A Chinese firm was harvesting millions of Amazon customers' data and selling it to Amazon's own third-party sellers
- A Chinese firm was able to harvest
Amazoncustomers' data to sell to Amazon sellers, Wired reports.
- The firm and other third parties accessed the data because of one of Amazon's own internal programs.
Insight into the integrity of Amazon's customer data infrastructure surfaced in a Wired report Thursday.
In 2018, third-party companies were scraping customer data thanks to one of Amazon's own programs, according to the magazine, which viewed internal documents and memos.
One company in particular, a Chinese data firm, was able to do so because of a system that Amazon already had in place to help sellers collect metrics on how their products were performing.
The Chinese firm used the system as a backdoor to collect troves of the data and compile it in a service — dubbed AMZReview — that was advertised to Amazon's third-party sellers to help them boost their rankings.
As Wired pointed out, the discovery is somewhat like Facebook's Cambridge Analytica scandal, when the data firm harvested millions of users' data without their knowledge to influence the 2016 US presidential election.
The AMZReview system claimed to hold information on 16 million Amazon customers, though an internal intel team said it likely harvested the details of only 4.8 million, per the memo reported on by Wired.
"There was a massive hole," one former Amazon employee told Wired. "It was really unmitigated."
The company wasn't able to decipher if the system was being used properly by sellers or by third-party companies, who could have been outright selling that data or leveraging it to target customers with marketing, Wired said. More than half of the developers Amazon looked into were violating the terms of service, per a memo reported by Wired.
An internal intel team discovered the backdoor when it investigated the external AMZReview service being marketed to its sellers. The "door" had been open for years, per Wired. An insider told the publication that "the color was draining from people's faces" when the team informed company leadership of the abuse.
"It was a fucking shitstorm," the person said.
The firm's solution was to limit how much data Amazon shared with sellers. It also asked the largest third-party companies to delete their historical data on Amazon customers to improve the "optics" if this ever surfaced publicly, one former employee told Wired. Wired also reported that AMZReview is no longer active.
An Amazon spokesperson told Insider the issue "was not a data leak."
- The 100-bagger stocks that survived the test of time and market cycles over 20 years
- Looking to travel abroad? 5 tips to help you save on airfare
- Aprilia RS 457 vs KTM RC 390 – the battle of the sports bikes in India
- Most secluded places in India to visit in 2023
- Relieve constipation naturally with Indian foods: A guide to digestive health