Flush your Amazon credentials now

The source post is from the 24th, am I wrong to be skeptical of the true severity of this?

&gt; Until the scope of the problem is clear, you should also consider flushing your credentials on any AWS root or IAM accounts<p>Amazon and AWS auth was finally split late last year I think?

First posted here, and correctly flagged because it&#x27;s garbage.<p><a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=35710854" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=35710854</a><p>also linked here <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=35710854" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=35710854</a> also flagged.

It&#x27;s not the case here, but I&#x27;d like to caution everyone that &quot;your XYZ account was compromised, click here to change the password immediately!!&quot; is a very common type of phishing attack. It&#x27;s best to do your own due diligence and otherwise rely on official communication over random blog posts.

If this is true Amazon should force everyone to reset their passwords next time they visit the site

I got a strange ״change your password” message when I logged into my AWS root account yesterday.

If it was serious then Amazon would have a massive obligation to be issuing this advice.

Amazon has had a really tough day today, damn.