Tim De Chant reports:
Thousands of Amazon employees, including those who developed private-label goods for the e-commerce giant, enjoyed years of access to sensitive third-party seller data, according to a new report.
An internal audit in 2015 traced the issue to lax security protocols, including the use of a tool called “spoofer access,” which allowed Amazon employees to view and edit accounts as sellers. The employees had access to profile information, inventory levels, product pricing, and even the ability to cancel orders. The audit, obtained by Politico, says that spoofer access was available to employees from around the world and persisted until at least 2018.
Read more on Ars Technica.