Tuesday, June 12, 2007

Security Warning: Amazon Login Data Compromised (?)

There's a new development on the Amazon comments threads (so far in Grady Harp's section): now posters' comments are being deleted not as 'deleted by Amazon', but as 'deleted by author', that is by you.

That means someone's been deleting your messages on your behalf, which means they have access to your account, 'cause one would need to log in as you in order to delete your comments as you.

For an example please check out this thread (it's just one place; there may be others; look carefully). See if there are any comments showing up as deleted by you that you did not actually delete.

If you see anything suspicious, it would make sense to change your password and remove credit card data (if you have any). Well, do whatever you feel prudent on the assumption that your account has been broken into. I do not exclude the possibility of this being an inside job, so do whatever's necessary in your opinion.

Of course, you should also notify Amazon about this. It looks like someone's helping Grady Harp for serious — hacking into Amazon (or maybe it's an inside job, who knows). And btw, why am I not surprised? Oh well...

25 comments:

Misfit said...

Now that is scary. I know I deleted a bunch of my GH comments on the 9th, but I don't think Stanley and JJJS did.

Malleus said...

I didn't. Stanley will speak for himself.

Hair-pick wielder said...

All,

This is NOT the letter I was discussing on the Amazon site concerning Barbara's reinstatement--this is in reaction to the moderator's most recent warning. I sent this email moments ago. I apologize for the "[edits]," but many questionable folk peruse this website, and may take advantage of personal information, more's the pity.

The "Barbara/random booting from Amazon" letter is something I'm trying to arrange at the moment. It'll be suitably generic, so that additions/subtractions may be made with aplomb. The more people who cut and paste (and modify it) before sending it off, the better. Of course, many individuals best my writing ability, so if you already have something cooked up, post it, and we'll use that.

--LETTER BEGINS--

To Whom It May Concern:

Recently, it has come to my attention that several comments posted by a colleague of mine were reported as being deleted by the author, NOT by Amazon. As he reports not having deleted these comments himself, the logical conclusion is that his Amazon account's security had been compromised, allowing persons unknown to delete comments not written by them. This is unlawful at best, and has resulted in my deletion of all pertinent account information from my profile, including credit card numbers, until I can be reassured that this security loophole has been addressed. To summarize, I will not feel comfortable purchasing any items at this website until my confidence has been restored. [edit]--the stock market collapse of 2001 shook my confidence in Amazon much less than the recent slew of suspicious activity has.

It is possible that a member or members of a voting-ring associated directly or indirectly with "Top Ten" reviewer "Grady Harp" is responsible. This reviewer attains unbelievable quantities of votes within hours of posting each of his reviews, has vitriol-prone defenders, and has even been suspected of tampering with the reviews of other top reviewers. Your system of auto-deleting comments and/or reviews which attain a minimum number of "report abuse" mouse-clicks is itself eminently prone to abuse at the hands of a relatively small, but dedicated (and ethically-corrupt) group of individuals.

Please investigate the security of Amazon customers' accounts. Second, please direct more oversight to comments/reviews that are deleted, and carefully determine if deletion is actually appropriate to each specific case. Last, please deflate the power of voting-cabals so as to level the playing field for those of us that lack the interest or motivation to create multiple accounts or enlist multiple friends in petty ratings games.

Thank you very much for your time.

Sincerely,



[edit]

--LETTER ENDS--

MK

Barbara Delaney said...

I'm going back over comments. I saw some by Misfit that were made on June 2nd deleted but I guess those don't apply.

I'm seriously at the point of leaving amazon altogether, (and I just re-started an account!), because I would not put anything past them at this point.

I had reported a racist comment that I had come upon on a review. It was blatant racism. Amazon sent back one of those form letters saying that there was nothing in it that violated their guidelines. Those guidelines are the most capriciously interpreted of any I've ever encountered. They mean whatever Amazon wants them to mean at that moment.

Barbara Delaney said...

Great letter, MK. I'm way more spooked by this than by anything else that has happened. I'm removing credit card info as well.

I'm also bewildered by the fact that after my account was closed I opened a brand new one. It was a completely empty page, you know what I mean, like the type seen belonging to sock puppets. That was last night. But today my lists have been restored, my amazon friends have reappeared, the only thing missing is my purchasing history. How can that be? But yet when I tried to comment on the discussion board it said I had to wait twenty-four hours because my account was new. This makes no sense.

Misfit said...

What's interesting is the date of deletion, June 9th, which is when Amazon was also deleting some of JJJS's and my comments from GH reviews. Could they just be misidentifying them?

scotdog98 said...

Amazon is probably tracking your computer. Did you use the same one for opening the new account?

Misfit said...

Stanley has chimed in and he didn't remove any of his posts either.

Interesting, twice today when I tried to click on GH and HK reviews I was told they were not available, try another time. I tried #2 reviewer and no problem looking at his reviews.

Deborah Hern said...

Barbara - It's very possible that Amazon's software just connects whatever new id/account you open to your existing IP address. So if you use the same computer to start a second account, you've got the same IP. Unless you've got one of those re-directing things.

I haven't noticed anyone messing with my comments. But perhaps merely pointing out factual errors is considered unimportant. Or maybe I just haven't made it to the top of their Hit List yet.

Are HK and Grady really down? Is Amazon actually listening to us? Or is this just some glitch or ploy to make us think they're taking our concerns seriously?

Stephanie said...

WOW! I went to work and came home to this.

This is really serious. I have never posted anything on Grady's reviews, however, if he can hack into someone's account, he can do it anywhere. I am sure he knows that this group hangs out at the HK reviews as well. I know I will be taking my accounts off of Amazon and I will not be purchasing anything from them until I know it is safe.

I will write a letter to Amazon with my concerns. I don't know how many of us have teamed up for this. I don't know how many letters are needed to get Amazon's attention.

MK, I am wondering if you have thought about posting this info at the discussion board? My thought is that if we can get as many people as possible informed of this (many more people visit the discussion boards than do HK's comment sections) we can get more customers to take action. With a bold headline like the one on this one, you should get a lot of people's attention. I know Amazon would not want to lose many customers. What do you think?

Stephanie said...

I just visited the HK review pages and can see it just fine. Is anyone still having trouble viewing those pages?

Malleus said...

Misfit wrote:
>Interesting, twice today when I
>tried to click on GH and HK
>reviews I was told they were not
>available.

I had (intermittently) the same experience with GH reviews today. I hope it's a sign of them (Amz, that is) looking into it.
--------------------
I got a response from Amz, btw. Not terribly informative (though I'm glad they've acknowledged the receipt of my note). Here's a relevant excerpt (emphasis and text in brackets are mine):

"Greetings from Amazon.com.

"Thank you for writing to us regarding this matter. First, please know that I have brought your concerns to the attention of the appropriate department within Amazon.com. [this is the only potentially useful part of this letter]

"Unfortunately, we are unable to determine how or why these postings were removed. Discussion postings and threads are typically only removed from the Amazon.com website for two reasons.

"The first being if the review was not within our posted guidelines. The second is at the request of the customer who authored the review in question.

"Because the notation left on the postings indicate they were deleted by the author, I'm inclined to believe the postings were removed by someone who has access to the account under which they were written.

"If someone else knows your password, they would be able to sign in and delete posts. [grrrrrrr... I know! They'll also be able to get to my account! That's why I'm writing to you! ] However, it's also possible the postings were removed by a member of our customer service team for one of the reasons outlined above and an error caused the incorrect notation on the website.

"I'm sorry we are unable to offer definitive information regarding the removal of the posts in question. Changing the password on your account is always a good precaution [gee, thanks!], and of course, you're welcome to return to the web site to post additional discussions. If you come across a similar situation in the future, please use the link below [none actually present :-) ] to let us know. [...]"
/End of excerpt.
---------------------------------
So it might be just a display bug after all; I hope that's what it is, but I can't rely on it.

And finally, based on this letter, am I to expect a followup from the "appropriate department within Amazon.com", or that's it? So far, the answer has been something like "too bad, but it's good you've changed your password". (Correct me if I'm misinterpreting something.) Is that what the vaunted concern for the security of customer data is? "Sorry we don't know what happened"?
--------------------------------
PS. MK, that's a great template, thanks for putting it together.

Misfit, what alerted me to the situation was that the timestamps on the removals of Stan's and my (and yours, I think?) messages are within a minute or two from one another: it looks like one guy just went in and deleted all messages from all posters. If they were marked as 'deleted by Amazon' I wouldn't be alarmed, but as is it looks like we all went online at the same moment in order to wipe out a hefty number of our own comments -- not something that anyone involved is known to do to begin with. 'jfourreur' and 'MM' yes, these guys like to sneak back and delete everything they've just written, but not anyone else. In addition I don't think I even was online this Saturday.

Misfit said...

My two cents so far on all of this and in no particular order:

1. To log into another one's account, in theory, one would have to know the email and password. Passwords are sometimes easy to guess, but knowing the emails is different. Anytime I posted on the Dayton site it was an "anonymous" address that is not associated with either of my two Amazon accounts. Also, Stanley Nemeth never posted on the Dayton site (that I can recall). So, how would a hacker get the email info?

2. MK, well done on the letter, Congrats.

3. Barbara, in addition to recognizing your IP, those all pervasive cookies could have "recognized" you.

4. I did remove some of my comments on the GH reviews on SUNDAY afternoon, 6/10 not 6/9 (when JJJS's and Stanley's were removed "by author"). If any are deleted by author on 6/9 it was not done by me -- so far I haven't seen any. I removed them as I saw a considerable amount of deleted by Amazon and I thought I'd beat them to it. I will point out that whilst going through those old comments I would have noticed the mass deletions by authors, which I did not observe.

Malleus said...

Re. 1: (a) it could be an inside job, and (b) it's still possible that it's just a display bug and the notes have actually been 'deleted by Amazon'. I hope for the latter, but oh man...

Well, there's a very unlikely (c) someone could hack the poster's computer to get the login data. This too would have to be an inside job, 'cause only Amazon knows where I'm coming from when I log in there.

I guess, let's just wait and see what happens.

Barbara Delaney said...

Misfit,

Earlier today when I was looking over comments I saw one you had made on one of Grady Harp's reviews. The review and the comment were both dated June 2 2007. When I looked at it, it said your comment was removed by author on June 9th. I went back to get the name of the item so you could check to see if you had in fact removed this comment.

Okay, now here is the really strange part: this review of Gyorgi Ligeti; Clear or Cloudy now has absolutely NO comments on it at all. It has been wiped clean. But it is still dated June 2nd. There were other comments there besides yours. Now there is no record of any comments ever having been there. What is Amazon doing?

Misfit said...

Barbara, I think he's deleting his reviews and reposting them. I have had on two occasions deleted a review (that was removed by Amazon due to a snotty complaint) and another that disappeared. When I reposted them, they appeared on the original posting date. Same thing happened on Amazon UK. A review I posted never showed, I reposted it and it showed up on the original date, not the date of reposting.

BTW, when I was looking at Grady's reviews today I noticed one (go to recent comments, maybe page 3 or 4) that had well over a hundred positives, yet the item had NO INFO available, you couldn't even click on it to get a name nor look at the one comment. What's up with that? How does a non-item get 100+ votes?

Susiq2 said...

In the past 36 hours my eldest son managed to be stranded at various airports around the country, finally arriving home at 1:30 a.m. instead of 4 p.m. the day before. My youngest son brought home 3 of his friends to live with us for a month or so. I have been informed that my West Point cadet, while on a missions trip during "Spring Break" had been cut by debris and now has a bacterial infection that is drug resistant to Everything but a very strong I. V. antibiotic, and may be put in the hospital trying to rid his body of this potentially deadly infection. I really do not feel up to dealing with this issue about Barb, and FTF, but I will address several of BD's accusations: I am not naive. I am well aware how the world works, however, I am a peace maker, I try to inject humor, and a tolerant attitude into my life situations. Obtuse? I guess that can be your call, but you are the first person to say that about me. Do we, as a group, still think that FTF, and his minions, got you temporarily banned? I don't know how you got banned, but I did not have anything to do with it. I am sorry about forwarding your private emails to me along to other people. Barb, it is very unpleasant to receive angry emails from you that I feel I did not deserve. However, it was wrong of me to do so, and I apologize for what I did. I am not responsible for FTF, nor am I "siding" with him. He is not my friend, he will never be my friend. I will never just go about being rude to anyone, and I detest what he said about MK, and KrossD. I had noticed that FTF was spouting some of the same complaints that we are spouting. I was thinking that he was "seeing the light". I truly believe that we will never have a moment's peace from him as long as he is so angry at our group. I Had Hoped for reconciliation between all of us, but it seems it will not be happening. I am not his "dear" anything, much less friend.
When he is nice I saw no reason to not try to get him to see why we have been fighting the fight that we have been engaged in. I see no way to continue with posting if he is going to be so angry at us, or at myself, in particular, because I do not handle verbal assaults well. I try for peace, not war. My whole life has been dedicated to making the world a better place, a safer place, and a healthier place. I am sorry that I caused you pain and embarrassment. How did FTF get you banned, temporarily? When and how did he get rid of Misfit? I have heard nothing about this happening.....

Malleus said...

Susiq2, sorry to hear about all this trouble and I hope everything's OK with both of your sons. Also, don't feel like you have to handle all the world's troubles singlehandedly and on your own, the family obviously comes first.

About the rest, I'm not sure, were you responding to someone's message or something like that? No one's accusing you of anything... am I missing anything?

Barbara Delaney said...

Susieq2,
Put your time and energy toward your family. That's the real world where things matter. All of us will hold good thoughts toward you and your son and those of us who are people who pray will certainly have him in our prayers. I hope he has a rapid recovery.

Malleus said...

I'm still not sure what happened up there. Oh well...

scotdog98 said...

Suzie I wish only the best for you & your boys!

I'm going to sound really unfeeling . . . but we all need to leave the emotions at home. I am not here to be friends nor enemies with anyone. The only survivors on the internet super-highway are going to be those who know that your posts are public & then are cool with the critiques. No room on the comments or db for emotion. If you have a thin skin you need to realize that you are going to get your feelings hurt & post (or not post) accordingly.

Kelly

Susiq2 said...

Barbara and I have spent the afternoon emailing back and forth until she had to go to work. I am so glad that I had the opportunity to get to know BD. She was very helpful with my concerns about my son, and could not have been kinder. I am thankful and honored to call her friend. I stand behind her efforts, and with all of you to help HK take responsibility for illegible reviews, and GH for just plain cheating on positive vote counts. It is a noble endeavor, and I am proud to be a part of this group. I thank each of you for your kind remarks about my son. We will get the sensitivity test back tomorrow so that we will know what antibiotic will work on his infection.

Hair-pick wielder said...

Susiq2,

You have nothing to worry about--your son will recover. Soon, the only thing you'll be worrying about is how to coincide the family reunion with your second (third?) West Point graduation ceremony!

Best wishes,



MK

Malleus said...

Scotdog, I hear you and I'm with you 100%.

Misfit said...

Scottdog, well said.

Susieq2, hope all goes well for you.