A cross-border company with nearly 100 employees is on the verge of bankruptcy! The average daily loss exceeds one million

For Amazon sellers, account security is the lifeline of business operations. Once a store is blocked, not only will sales be interrupted, but it may also trigger a series of chain reactions such as financial losses and team layoffs.

However, in addition to account suspension due to illegal operations, many sellers’ accounts were frozen due to external emergencies.

Recently, the US$6.9 million monthly loss crisis suffered by KeaBabies, a well-known maternity and baby brand in Singapore , has once again put the security vulnerabilities of the Amazon platform in the spotlight.

Well-known big seller hacked

Recently, KeaBabies, a well-known maternal and infant brand in Singapore, issued an announcement stating that since January 16, 2025, its Amazon seller account has had serious security vulnerabilities. Hackers are accused of changing administrator emails and modifying associated bank accounts multiple times after gaining unauthorized access, resulting in the unauthorized withdrawal of 50,000 Australian dollars (about 31,617 US dollars) .

Here is what happened to Ivan:

KeaBabies founder and CEO Ivan Ong has been selling on Amazon as a third-party seller since 2017. In 2024, Ivan's brand sales on Amazon grew to $78 million, and the company sold on Amazon sites in the United States, Canada, Mexico, Australia, Germany, the United Kingdom, Spain, and France.

But a suspicious email from Amazon changed his fate.

Late at night on January 16, 2025, Ivan's phone suddenly received an Amazon login verification notification, indicating that his account was trying to log in from a device in Washington, USA. As it was late at night, Ivan did not take any action. However, in the early morning of the next day, a carefully planned hacker attack had been quietly completed.

Ivan discovered that the store administrator’s email address had been tampered with to ke*****@outlook.com, the login password was invalid, and the team completely lost access to the seller’s backend.

The hacker then modified the payment account of KeaBabies' Australian site, transferred 50,000 Australian dollars (about 31,600 US dollars) to an overseas bank account with the last number 927, and successfully bypassed Amazon's fund reserve period rules.

After the team urgently informed Amazon of the situation, the platform froze the seller's account directly.

This action caused the Amazon seller account of KeaBabies, a well-known maternity and baby brand that generated $78 million in revenue on Amazon in 2024, to be deactivated. And because it could not process orders, the seller lost about $230,000 (about 1.6772 million RMB) in sales every day , and the team of nearly 100 people also faced the dilemma of "no orders to process".

At present, hackers have withdrawn 31,600 US dollars, and more funds are yet to be tracked. The estimated monthly loss exceeds 6.9 million US dollars.

If this situation drags on, the company is facing an extremely high risk of bankruptcy and the business will be completely shut down.

It’s worth noting that the brand has yet to find the root cause of the hack, and Amazon is unable to determine whether it will be safe from hacker attacks even if Ivan’s account is restored.

Ivan suspects that the attackers may have bypassed the regular security approval process through Amazon's internal tools, and even does not rule out the possibility of "insiders collaborating in the crime."

At the same time, there are comments in Ivan’s post mentioning that other sellers have also encountered similar situations.

Amazon security breaches frequently occur

The KeaBabies incident is just the tip of the iceberg of security vulnerabilities on the Amazon platform. In recent years, similar incidents have occurred frequently and have evolved into a periodic "industry disease."

In 2016, a phishing link scam caused the victim to suffer the highest single loss of 215,000 yuan. This was because hackers implanted phishing links into the personal homepages of Amazon users, inducing users to enter bank card information or verification codes, and the victims were deceived through fake refund links in the hidden order function.

In September 2024, many sellers received an email impersonating "Amazon official", which stated that "Amazon official" was reviewing the seller's sales account and asked the seller to follow the steps. Some sellers lost 400,000 yuan overnight.

In January 2025, an Amazon seller posted that someone had hacked into his Amazon account, modified his bank account, and stole $1.1 million from it.

Such incidents occur frequently.

It is unforgettable that these scammers are extremely cunning and are good at taking advantage of the similarities between the sender's email address and Amazon's official domain name, making it difficult for many sellers to distinguish the authenticity and they fall into the trap without being careful.

Xiaozhi reminds all sellers to strengthen security precautions and never click on unknown links. At the same time, sellers can incorporate platforms such as Walmart and TikTok Shop into e-commerce business channels, and use multi-platform layout to disperse risks and reduce unnecessary losses.