Amazon has started automatically resetting user passwords, after it discovered some usernames and passwords had been made public. You can rest easy though, because it wasn’t the incredibly popular retailer that messed up here; it’s actually taking this step pro-actively.
You might have received an e-mail from Amazon during the last few days, in which the retailer is informing you that it has reset your password. Know that you’re not alone, as Amazon has been doing this over the past week for an unknown number of accounts. It looks like its security team, while keeping watch on treasure troves of leaked credentials online, came upon accounts that had possibly been used on Amazon.com.
The company said there’s no reason to believe the Amazon accounts had been hijacked but decided to take this step of resetting passwords “out of an abundance of caution”. Those affected have been provided with a temporary password right now, which they’ll need to reset on their next visit to Amazon. The company also strongly encourages users turn on two-step authentication.
As usual, we recommend abiding by safe practices with all of your accounts, by relying on strong passwords, preferably ones that you never reuse.
Source: Venturebeat