4KMILES 2019 Data Breach

4KMILES E-Commerce Marketplace Services Breach (2019): 11.3 Million Amazon Merchant Customer Records Including Home Address Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

Database ExposureRetailEmail AddressFull NamePhysical Address
Low SeverityWebsite / service breach

4KMILES E-Commerce Marketplace Services Breach (2019): 11.3 Million Amazon Merchant Customer Records Including Home Address Exposed

digital commerce and Amazon marketplace services provider

Verified by ObscureIQ Intelligence
34/100Breach Risk Index
10Data Value
25Market Recency
519dSince Breach

Breach Intelligence Summary

Entity: 4KMILES · Actor: Unknown · Sources: 2 references
Attack: Database Exposure
Profile: Company · Digital commerce and Amazon marketplace services · Amazon marketplace services provider · Global
Timeline: Breach (2019-10-01) · Indexed (Feb 04, 2025) · Year (2019)
Exposure: 11.3M records · 3 fields: Email Address, Full Name, Physical Address
Status: Confirmed

Executive Summary

In October 2019, Amazon-partner SaaS provider 4KMILES suffered a data breach exposing about 11.3 million records (including at least 9.4 million distinct Amazon shoppers). Exposed data included names, email addresses, physical/mailing addresses, usernames, phone numbers, website activity, and hashed passwords. Some secondary sources additionally claimed Social Security information, which is not independently confirmed.

ObscureIQ assessment: Confirmed-circulating data is contact/identity plus hashed passwords; the unverified SSN claim is carried as latent worst-case rather than scored, pending independent confirmation.

Breach Impact

The name/address/phone/email set supports identity profiling, spam, and phishing; if the reported SSN element were confirmed, exposure would rise to serious identity-theft risk.

About 4KMILES

4KMILES was a SaaS provider and Amazon official partner offering tools to support Amazon marketplace sellers and shoppers.

Why They Hold Your Data

Amazon marketplace service providers usually handle merchant contact records, account credentials, store performance data, order and inventory information, payment or billing details, and operational files needed to run seller accounts. Their workflows generate this data through marketplace onboarding, store management, advertising support, logistics coordination, and account optimization.

Recent Developments

The breached data circulated publicly; a large share of affected records related to Amazon shoppers.

Data Points Exposed

3 verified field types
Email Address
Full Name High
Physical Address High

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Moderate
Primary downstream threats:
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • Name-based social engineering
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat

Recommended Actions

If you believe your information may be included:

Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the 4KMILES breach?

In October 2019, Amazon-partner SaaS provider 4KMILES suffered a data breach exposing about 11.3 million records (including at least 9.4 million distinct Amazon shoppers). Exposed data included names, email addresses, physical/mailing addresses, usernames, phone numbers, website activity, and…

What data was exposed?

Verified fields include Email Address, Full Name, Physical Address.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation