business news in context, analysis with attitude

Bloomberg reports that Sen. Ron Wyden (D-Oregon), the ranking Democrat on the Senate Finance Committee, and Massachusetts Sen. Elizabeth Warren (D-Massachusetts), a 2020 presidential candidate, have written to Chairman Joe Simons of the Federal Trade Commission (FTC) asking it to "investigate whether Inc. violated federal law in its handling of security ahead of a Capital One Financial Corp. breach that exposed data from about 100 million people in the U.S."

According to the story, "an August 2018 email … appeared to be alerting Amazon to a security issue -- known as a server side request forgery, or SSRF vulnerability -- that played a significant role in the breach, as well as a response from the company promising to look into the issue.

"The letter from the senators also says that Amazon’s failure to address the flaw as competitors Alphabet Inc.’s Google and Microsoft Corp. have done 'has been the subject of significant public discussion among cybersecurity experts for the past five years, including in presentations at major industry conferences.'

"The FTC should look into whether Amazon’s failure to secure its services 'constitutes an unfair business practice,' which would violate federal law, the letter said."
KC's View: