After users had their Amazon account passwords force-reset by the company itself, it has become apparent that a leak was possibly afoot.
In an email to customers, Amazon stated that it "recently discovered that your password may have been improperly stored on your device or transmitted to Amazon in a way that could potentially expose it to a third party." While this email assured users that the issue was fixed "to prevent this exposure," Amazon also made sure to point out that no third party will have had access to your private password information.
ZDNet reported that these warning emails were coming from both Amazon.com and Amazon.co.uk. While Amazon.com had implemented two-factor authentication for users recently, it's UK counterpart has not yet installed this safety mechanism.
There has been no official report released by Amazon in regards to this issue.