Report: Amazon Resets Some Users’ Passwords Over Concerns They May Have Been Compromised

If you found Amazon has force-reset your account password, you aren’t alone: according to a new report, many customers have reported that the e-commerce giant emailed them saying their password had been changed, citing security concerns that the information may be exposed to outsiders.

ZDNet reports that some folks have received an email from Amazon notifying them of the password reset, with messages also arriving in the account message center on Amazon.com and Amazon.co.uk as well, which would appear to mean that the notice is legit.

Amazon said in the email that it “recently discovered that your [Amazon] password may have been improperly stored on your device or transmitted to Amazon in a way that could potentially expose it to a third party.”

The company says it’s corrected the issue “to prevent this exposure,” and adds that it has “no reason” to believe the passwords were leaked to a third party. The password reset was a measure taken “out of an abundance of caution.”

Amazon hasn’t confirmed the potential security risk, though whenever something like this happens it’s a good idea to change your password anyway. Make sure it’s not something you use on other sites or for other accounts. It’s also a good idea to enable two-factor authentication, a feature Amazon just recently introduced for its U.S. customers.

Amazon force-resets some account passwords, citing password leak [ZDNet]