Hacker News

I'm mostly surprised they allow so much power to phone reps. In my way-too-many years of using Amazon I've had to call them precisely once, about trying to get an SSD replaced that had died just outside of warranty (yes, they did replace it). I've placed at least 150 orders with them in the last three years alone, probably closer to 200, and have had to perform a handful of returns; all but that one were done online, very easily, and that special case existed only because I was outside the standard return window.

As the article points out, their web-based security seems pretty darn solid. Nearly any account change requires reauthenticating with your password, and only recently did they start to roll out support for a more persistent auth for viewing what most people would consider non-critical info (order history, etc). With the exception of a phone-based password reset - which should not cause a problem like the one described here - they could require even a web-based PIN (behind the login-wall, of course) for chat and phone support; live chat could skip this if the user already has a fresh auth.

I hope for everyone's sake that Amazon is able to prevent this kind of problem without harming their fantastic customer support. There's a reason I've averaged an order every 5.3 days this year (I can stop any time I want to, but thank you for your concern!)


