AWS account hacked…the verdict

By | 09/10/2014

In this post I described how somebody got unauthorised access to my AWS account and started 160 EC2 instances. I was called by Amazon and started a support case, to which I received an initial reply as described in this post.

A week has passed, and I have been sending some mails back and forth with the support team about the fact that I was receiving late payment notifications. They assured me this was absolutely normal while the case went through the approval chain.

Today, 9th of October, I finally received some fantastic news. Below is part of the mail I received:

Hi Wim,

I have some fantastic news today! Our request to waive the unauthorized charges from your account has gone through all my upper levels of management, and they’ve approved a $32,830.80 (before tax) waiver as a one-time courtesy to your account! I’ve already applied the waiver, which brings your balance due for September back down to $0.47, the legitimate charges for that month. I’ve set that charge to run against your card within the next hour, and I’ll know soon whether it was successful or not, after which the remaining unauthorized charge balance will automatically be waived. Thank you so much for your patience while we worked through this issue for you. I’m just glad it came to a happy resolution!

I don’t want to resolve your case prematurely in case you have any more questions, but I think you should be good to go! You can now feel free to close out your case, or let me know if there’s anything else I can help with. Thanks!

Man, I can’t tell you how relieved I am. In the past days, I had been talking to friends and colleagues about it, and people told me chances were high that Amazon would waive this huge amount. On my side, I was not entirely convinced, as somebody needs to end up paying for the resources used.

Now that I have got the final approval that the huge amount is going to be waived soon, I can only say that I’m a happy person. I must admit that my respect for Amazon has grown tremendously. Last summer, I had read Brad Stone’s book about Amazon titled “The Everything Store” (can be found on Amazon here). That book describes Amazon’s history, and I did indeed read that Jeff Bezos was putting “Customer Satisfaction” as the highest priority within Amazon. But these are of course just words in a book. Today, I can only come to the conclusion that this is effectively true.

I’m really amazed by the way the AWS security and support teams have guided me through this entire process. They kept me informed about how I could secure my account again, they took time (a lot of time) to walk me through some crucial steps to secure my account, they reassured me many times that my account was safe again, and they updated me frequently about the progress. But above all, they treated this case very, very professionally, showing a lot of respect for somebody who was concerned about the huge billable amount.