The Washington PostDemocracy Dies in Darkness

Amazon forces some customers to reset passwords

(LEON NEAL/AFP/Getty Images)

Amazon has forced an unknown number of account holders to change passwords that may have been compromised, just as it heads into one of the busied shopping days of the year.

Tech news site ZDNet first noted the issue after multiple readers reported receiving an e-mail saying that the online retailer had set their passwords. They were also notified of the change through the site's account message center, ZDNet reported, which confirmed their legitimacy.

The e-mail sent to affected users said that the company had "recently discovered that your [Amazon] password may have been improperly stored on your device or transmitted to Amazon in a way that could potentially expose it to a third party," according to ZDNet. The messages said there was "no reason" to believe passwords were actually revealed to a third party and it was taking action out of "an abundance of caution."

Amazon did not immediately respond to a Washington Post request for comment on the situation that requested information about the cause of the incident and how many people were affected. (Amazon founder Jeff Bezos is the owner of the Washington Post.)

Last week, started to offer two-factor authentication for customers -- a security measure that requires users to verify their identity through a second method, typically a code sent via e-mail or text message.

While the pre-Black Friday timing is less than ideal for Amazon, it's not the first time the company has reset customer passwords. Back in 2010, Consumerist reported that some customers had their passwords reset after the company discovered their e-mail and passwords were posted online. In that case, the company said password re-use by customers was to blame, rather than any leak from its own systems.