Hackers actively targeting third-party sellers on ecommerce giant; defrauding customers and stealing from small merchants

(Washington, DC) – Concerned by the threat posed by hackers to Amazon’s growing community of third-party sellers, Senator Jeanne Shaheen (D-NH), the lead Democrat on the Senate Committee on Small Business and Entrepreneurship, today asked Amazon to share the steps the company is taking to prepare small and medium-sized businesses from cyber threats and the tools it provides to recover when cyberattacks occur.

Shaheen wrote: “Hackers are actively targeting Amazon’s growing community of third-party sellers – including altering bank deposit information and posting nonexistent merchandise – to defraud customers and steal tens of thousands of dollars from unsuspecting small and medium-sized businesses. 

“According to the Wall Street Journal, Amazon is increasingly ‘a target of choice’ for hackers who have ‘shaken [sellers’] confidence in Amazon’s security measures.’  Given the significant economic and privacy threats posed by these cyberattacks, it is essential large technology partners like Amazon provide the more than two million retailers who sell on its site the tools and support necessary to prepare for cyber threats and recover when hackers strike.” 

Senator Shaheen’s full letter to Amazon is below and here.

  

April 14, 2017

Mr. Peter Faricy
Vice President, Amazon Marketplace
Amazon.com, Inc.
410 Terry Avenue North
Seattle, WA 98109

Dear Mr. Faricy:

I was very concerned to read a report in Monday’s Wall Street Journal that hackers are actively targeting Amazon’s growing community of third-party sellers – including altering bank deposit information and posting nonexistent merchandise – to defraud customers and steal tens of thousands of dollars from unsuspecting small and medium-sized businesses. 

As you know, Amazon’s third-party seller program has grown rapidly, fueled by small businesses seeking to reach new customers online.  For these small businesses, online sales opportunities often include new and aggressive cyber threats that pose a disproportionate risk for small businesses.  According to the U.S. National Cyber Security Alliance, 60 percent of small companies are unable to sustain their businesses over six months after a cyberattack. 

According to the Wall Street Journal, Amazon is increasingly “a target of choice” for hackers who have “shaken [sellers’] confidence in Amazon’s security measures.”  Given the significant economic and privacy threats posed by these cyberattacks, it is essential large technology partners like Amazon provide the more than two million retailers who sell on its site the tools and support necessary to prepare for cyber threats and recover when hackers strike. 

As the Ranking Member of the Senate Committee on Small Business and Entrepreneurship, I regularly hear from small businesses that they do not have the time or adequate resources to defend themselves from sophisticated cyberattacks.

Please describe the specific steps you are taking to assist your third party sellers who have been victimized, as well as the resources available to small businesses selling on Amazon to protect themselves from similar cyberattacks.  In addition, I request that you provide information detailing the extent of these hacking incidents, including total financial losses and the number of merchants affected.

Thank you for your attention to this request so that we can work together to help these merchants defend themselves from hackers who threaten the security of small business and the livelihood of sellers. 

I look forward to hearing from you.

                                                            Sincerely,

                                                            Jeanne Shaheen
                                                            Ranking Member