What is worse: to be accused of prejudice, or accused of incompetence? In thee-commerce world, where how well one safeguards one’s customer data isparamount to any reputation, taking a hit on the latter is a bitterpill to swallow. That is better, though, than to be viewed as a companythat would deliberately and stealthily delist gay-themed books andmovies, among other materials, from its sales ranks, as Amazon was thought to have done this past weekend.
There were numerous cases of books such as Brokeback Mountain andThe Mayor of Castro Street: The Life and Times of Harvey Milkdropping from the sales rankings and even product search terms, according to media accounts, blog posts and countless Twitter tweets.
The items’ disappearance was the result of an”embarrassing and ham-fisted cataloging error,” according to a statement issued by Amazon. Altogether, 57,310books in categories such as Health, Mind & Body, Reproductive &Sexual Medicine, and Erotica were affected — not just gay-themedmaterials.
The problem is being repaired, with many books’ rankings alreadyrestored, the company added.
Fumbled or Hacked?
That might have been the end of it, until a hacker claimedhe was behind the change in rankings. “There’s some quick code to graball the Gay and Lesbian metadata-tagged books on amazon,” he explainedin his post.
First, the hacker claims to have pulled up a list of internal product ID codes on the targeted material.
“Now from here it was a matter of getting a lot of people to vote forthe books. The thing about the adult reporting function of Amazon wasthat it was vulnerable to something called ‘Cross-site requestforgery.’ This means if I referred someone to the URL of thesuccessful complaint, it would register as a complaint if they werelogged in. So now it is a numbers game.”
Amazon would not be commenting on the episode beyond its released statement, Patty Smith, Amazon’s director of corporate communications, told theE-Commerce Times.
To be sure, one anonymous post is hardly the stuff out of whichindictments are made — not to mention the dubious reason the supposed hacker gave as to why he hatesreputation systems based on user input: “When I was tryingto score chicks to do heroin with [on Craigslist] … My listings like’looking to get tarred and pleasured’ and ‘Searching for a heroine todo the paronym of this sentence’s lexical subject’ kept gettingflagged.”
Worst Blow
However, even if the account is untrue, it could do damage to Amazon’s security reputation, which could hurt Amazon as a whole almost as much as the unfounded belief that it deliberately culled gay-themed materials.
The emergence of a successful hacker could seriously undermine customers’ confidence in the e-tailer,Peter Cohan of Peter S. Cohan & Associates told the E-Commerce Times. “Thefact that somebody could hack in — if it is correct — is veryworrisome to Amazon’s customers. If the hacker could change salesrankings and search results, who’s to say he couldn’t break in andtake credit card numbers or other customer data?
“It’s not good for Amazon’s reputation, and if I were in Amazon’s shoes,I would get to the bottom of this — even if it is just a false report.I would offer a complete disclosure so people can feel comfortablewith the site and not worry that this would happen again.”
Unfortunately, Cohan said, “it is not in Amazon’s nature to beforthcoming with its financials. I hope they will be more forthcomingwith its tech problems.”
At Issue: Transparency
Amazon’s communication skills get a little more credit from Scott Testa, a professor of marketing at St. Joseph’s University. “The company is usually straightforward about what is going onthere,” he told the E-Commerce Times. “So it should really discloseeverything it knows about this event. Credit card data theft is a bigconcern for consumers.
“It follows that if a hacker can adjust sales rankings, he can accesscredit card information,” he said.
AMZN closed today at 77.22. This is down 2.55 since #amazonfail began, underperforming Dow, S&P, NASDAQ. Bezos is personally down $247.8 million.
Under most circumstances, it’s difficult to pinpoint a specific cause/effect relationship, for the very reason of the statistical noise you mention. Stock movement happens without any particular action on the company’s part. In this case, though, there *was* a specific action, and so far it has had specific results — just shy of $1.1B of market cap.
Whether such large losses will lead to a shareholder lawsuit is anyone’s guess.