Amazon Now Resetting Some Account Passwords?

20607701226_d5ed9711ae_hRemember about four months ago when Amazon was resetting account passwords for some users in the US and UK?

They've started doing it again. Over the weekend a member of MobileRead Forums reported that they received this email from Amazon:


At Amazon we take your security and privacy very seriously. As part of our routine monitoring, we discovered a list of email address and password sets posted online. While the list was not Amazon-related, we know that many customers reuse their passwords on several websites. We believe your email address and password set was on that list. For your security, we have assigned a temporary password to your account.

You will need to reset your password when you return to the site. To reset your password, click "Your Account" at the top of any page on On the Sign In page, click the "Forgot your password?" link to reach the Password Assistance page. After you enter your email or mobile phone number, you will receive an email containing a personalized link. Click the link from the email and follow the directions provided.

Your new password will be effective immediately. We recommend that you choose a password that you have never used with any website.


That email is similar to the one Amazon back in November 2015, and in fact similar emails date back as far as June 2011. I found a copy of that earlier email in a four-month-old Reddit thread, and both emails say basically the same thing.

It's not clear whether Amazon found another security issue, the same one cropped up again, if Amazon is simply recycling the email text whenever they want you to reset your password, or if some scammer copied that earlier email for a new phishing attempt.

In any case, if you get one of these emails you should take it seriously, and follow the appropriate steps:

  1. Do not respond to the email, and do not click any links in the email.
  2. Instead, open a new browser tab and visit to reset your password.

Scammers sometimes use this type of email to trick the unwary into handing over their login info, which is why you shouldn't click a link in or respond to the email itself.

In fact, that's exactly what might be happening here. This email was reportedly sent to an address not associated with an Amazon account, which suggests that this email did not come from Amazon.

But the email did not have any outbound links, so it's not clear what a scammer would gain.

I haven't gotten the email, so I can't comment first hand, but if I had would indeed take the steps to change my password from "Passw0rd" to "Pa55w0rd".

Better safe than sorry.

image by christiaan_008

About Nate Hoffelder (11467 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader: "I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

3 Comments on Amazon Now Resetting Some Account Passwords?

  1. I went and reset my password after examining the email thoroughly. All the outbound links in the email were to (no spoofing or redirects), it was sent to my amazon email address, AND all the headers in the email indicated it was truly sent by Amazon.

  2. Interesting, because the email that was sent to me was NOT sent to the email address that is tied to my Amazon account.


  3. It just happened to me (April 24, 2016) I was PO’ed. If Amazon has discovered a hackers “list” users and their passwords (“but not on our site!”) they need to get it out to all news channels. Then I googled and found it is a form letter that has been used for several years by Amazon. So’s I went to my Amazon account. Sure enough, locked out. So’s I did the password reset. Pretty low life scum bag way to get me to change my password. Enough with the fearmongering. I may get so fearful I’ll just quit using Amazon entirely.

3 Trackbacks & Pingbacks

  1. 2 – Amazon Now Resetting Some Account Passwords Following a Security Breach?
  2. Did Amazon have a security breach? Probably not | SkyNet Chronicles
  3. Amazon Has Reportedly Been Hacked, and Details on 84,000 Kindle Account May Have Been Stolen | The Digital Reader

Leave a comment

Your email address will not be published.