WASHINGTON • Amazon.com has informed some customers that their names and e-mail addresses had been "inadvertently disclosed" as a result of a "technical error", but declined to provide more details about the security incident.
The e-commerce giant confirmed it sent the messages on Wednesday, adding in a subsequent statement that it had "fixed the issue".
Amazon did not say how many of its users had been affected or where and how e-mails had been exposed. It only said that its website and other systems had not been breached.
Amazon's limited disclosure comes days before the Black Friday and Cyber Monday holiday shopping frenzies, ahead of a season when holiday e-commerce sales are estimated to total more than US$123 billion (S$169 billion), according to eMarketer.
Its handling of the security lapse drew sharp criticism on social media. Among its own sellers, some took to the company's forums to complain about Amazon's tight-lipped handling of the matter.
"Who knows what they're not disclosing about this," wrote one user. "Hopefully nothing..."
Others questioned Amazon after it told users there is "no need for you to change your password or take any other action", fearing that hackers still might try to use their names and e-mail addresses for nefarious purposes, including phishing scams.
It is not the first time Amazon has run into security troubles. Last month, the tech giant reportedly fired an employee who inappropriately shared customers' e-mails with a third-party vendor. The security lapse, which Amazon said it was working with law enforcement to investigate, similarly resulted in messages to customers indicating their e-mail addresses had been exposed. Amazon did not reveal how many people were affected.
The latest incident, however, could embolden those who would like to see tech giants and other businesses disclose more information about security incidents to their customers. Over the past year, tech giants such as Facebook and Google have also experienced serious mishaps affecting their users' personal data.