Elizabeth Warren pushes for Senate investigation of Amazon over Capital One hack

Sen. Elizabeth Warren on Thursday asked the Federal Trade Commission to investigate Amazon over allegations the e-commerce giant ignored warnings about an issue that led to the Capital One hack that affected more than 100 million people.

Continue Reading Below

Warren, of Massachusetts, and fellow Senate Democrat Ron Wyden of Oregon sent a letter to the FTC accusing Amazon of neglecting to address the security issue in its cloud-computing system where Capital One stored data.

TickerSecurityLastChangeChange %
AMZNAMAZON.COM INC.1,752.79+0.26+0.01%

The Capital One fiasco is not the only topic that has Amazon in lawmakers' crosshairs. The three senators who demanded answers about Amazon's commitment to consumer safety by September were not satisfied with the answers they received and have floated seeking congressional hearings.

In their letter, Warren and Wyden said that Amazon had been notified of the risk of a breach a year earlier and should be investigated for unfair business practices.

Elizabeth Warren and Jeff Bezos are pictured in this combined file photo. (AP/Getty)

"While it is likely that Amazon has known that its [Amazon Web Services] product was vulnerable to [server side request forgery] attacks since the first high-profile demonstration by a cybersecurity researcher in 2014, the company has certainly known since mid-2018 at the latest," the senators wrote.

Scott Piper, a cloud security consultant, told Amazon its customer information could be compromised via a server-side request forgery in an email more than a year before the Capital One hack, The Wall Street Journal reported.

Capital One said in July a suspect who infiltrated its system and exposed millions of people's personal information had been arrested.

"The letter's claim is baseless and a publicity attempt from opportunistic politicians. As Capital One has explained, the perpetrator attacked a misconfiguration at the application layer of a Capital One firewall. The SSRF technique used in this incident was just one of many subsequent steps the perpetrator followed after gaining access to the company's systems, and could have been substituted for a number of other methods given the level of access already gained," an Amazon Web Services spokesperson told FOX Business on Thursday.

Warren is an outspoken critic of the tech industry. For example, she recently ran a series of admittedly fake advertisements on Facebook accusing founder Mark Zuckerberg of endorsing President Trump — a tactic intended to criticize the social media behemoth's policy of letting politicians make false statements in paid ads.

FOX Business' inquiryWarren's office was not immediately returned.

CLICK HERE TO GET THE FOX BUSINESS APP