Amazon has agreed to pay $2.5 billion to settle allegations brought by the Federal Trade Commission over how it enrolled customers in Prime and how difficult it made cancellation. 

The FTC alleged Amazon enrolled millions of consumers without clear consent and failed to provide a simple way to cancel.

“The evidence showed that Amazon used sophisticated subscription traps designed to manipulate consumers into enrolling in Prime, and then made it exceedingly hard for consumers to end their subscription,” Federal Trade Commission Chairman Andrew N. Ferguson said.

Rather than proceed to trial, Amazon chose to settle the case. The company did not admit liability and says it has already made changes to Prime enrollment and cancellation flows. Still, the agreement stands as the second-largest monetary judgment ever secured by the Federal Trade Commission.

ALEXA.COM BRINGS ALEXA+ TO YOUR BROWSER

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

How the $2.5 billion settlement breaks down

The court-ordered settlement is divided into two parts. First, Amazon must pay a $1 billion civil penalty to the federal government. As a result, this marks the largest civil penalty ever tied to a violation of an FTC rule. Second, $1.5 billion is set aside for consumer refunds. Eligible Prime subscribers may receive compensation for Prime membership fees paid during the covered period, capped at $51 per person. Because this is an FTC action, only U.S.-based Prime subscribers qualify. Therefore, customers outside the United States are not eligible.

Who qualifies for an Amazon Prime refund

You may qualify for compensation if either of the following applies.

• First, you signed up for Amazon Prime in the United States between June 23, 2019, and June 23, 2025.
• Alternatively, you attempted to cancel Prime through the online cancellation process during that same period but were unable to complete it. This includes entering the cancellation flow and not finishing or accepting a Save Offer.

To confirm when you joined Prime, log in to your Amazon account. Then go to Memberships and Subscriptions and select Payment history under Prime.

How Amazon is issuing refunds

Under the settlement, refunds are distributed in two groups based on eligibility.

Automatic Payment Group

Some consumers qualified for automatic payments.

• You were eligible if you signed up for Prime between June 23, 2019, and June 23, 2025, enrolled through a challenged enrollment flow and used no more than three Prime benefits in any 12-month period.
• Automatic payments were issued within 90 days of the court order, with most eligible customers receiving funds by late December 2025. These payments covered Prime membership fees paid up to $51. No claim was required.

However, if you believe you qualified for an automatic payment but did not receive one, you may still be eligible to file a claim.

Claims Process Payment Group

At this point, the claims process is the primary path for refunds. The claims window opened January 5, 2026. Eligible consumers are being notified by email or postcard through early February. You may qualify to file a claim if you unintentionally enrolled in Prime through a challenged enrollment method or tried but failed to cancel your membership online between June 23, 2019, and June 23, 2025, and used fewer than 10 Prime benefits during any 12-month period. In addition, you must not have already received an automatic payment. To file a claim, you will need to confirm one of two conditions by checking a box on the claim form. Claims are reviewed for eligibility. Approved claims receive compensation for Prime fees paid, capped at $51 per person.

Where to file a Prime settlement claim

If you are eligible to file a claim, official instructions will be provided by email or mail. You can also access the court-approved settlement site directly at: subscriptionmembershipsettlement.com.

Links to the settlement site are also available on Amazon’s website, the Prime membership page and within the Amazon app.

THE WEEK’S BEST AMAZON HOME DEALS: SAVE 40% OR MORE ON PILLOWS, BLENDERS, VACUUMS AND MORE

Even if you do not qualify for a refund, this settlement is a strong reminder to review your subscriptions and confirm you are paying only for services you actively use. Here’s how to cancel a subscription using your iPhone and Android.

“Payments are being handled by the settlement administrator. Customers can find information and submit claims at the administrator’s website subscriptionmembershipsettlement.com,” an Amazon spokesperson told CyberGuy.

How to add or manage your Amazon Prime account

If you already have an Amazon account, adding or managing Prime takes only a few minutes. First, log in to Amazon and open the Accounts and Lists menu. From there, select Prime to view your membership details. Next, follow the prompts to add Prime or manage an existing subscription. Amazon displays pricing, billing dates and available benefits before you confirm. For that reason, review each screen carefully so you know exactly what you are agreeing to. For more on “How to get a cheap Amazon Prime membership,” click here.

Take my quiz: How safe is your online security?

Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com.

Kurt’s key takeaways

Overall, this settlement sends a clear message about subscription transparency. While a $51 refund may feel modest, the broader impact matters. Regulators are forcing companies to simplify signups and make cancellations easier. If you ever felt trapped in a subscription you did not intend to start, this case shows enforcement is finally catching up to deceptive design tactics.

Have you ever tried to cancel a subscription and felt blocked or misled along the way? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com. All rights reserved.

It was too cold to take off my mittens and check Google Maps so I put my faith in the trickle of bundled-up people ahead of me. All of them were carrying signs and wearing whistles around their necks on top of layers and layers of winter clothing. At first there were dozens of us walking toward Government Plaza, across the street from Minneapolis City Hall, and within a block it was hundreds. By the time I arrived it was thousands. Some reports said five to ten thousand, but on the ground, it felt like a single vibrating mass that was too large to count.

I made my way through the throng, repeating “excuse me” and “pardon me” despite the din because the people here are above all else unfailingly polite. Someone offered me a “Fuck ICE“ pin. Someone else offered me a chocolate-chip cookie. Another offered me a red vuvuzela. All three declined to be named or interviewed.

Friday, January 30 was the second general strike in the Twin Cities since federal immigration officers killed Alex Pretti. This one was reportedly organized by Somali and Black student groups at the University of Minnesota. Unlike the first strike, held last week and endorsed by local unions, this Friday’s was more hastily organized than the first economic blackout. I heard murmurs of lower turnout this time around, which was difficult to square with the fact that the plaza was so crowded that I didn’t understand how more people could possibly fit. And yet Minnesotans kept coming. The light-rail car pulled in and through the windows I saw the people inside were standing shoulder to shoulder, and they poured out and somehow filled space that wasn’t there.

They chanted: “No more Minnesota nice, Minneapolis will strike.”

Unlike the ongoing protests outside the Whipple Federal Building, the staging area from which ICE agents depart in unmarked cars to hunt down immigrants, the mood at the City Hall rally was almost jubilant, despite the under-current of outrage and terror that is present everywhere here. At Whipple, people jeer and yell at federal agents and local sheriff’s deputies alike, and their taunts are often met with flash bangs and pepper spray. Today, there appeared to be no such danger at the City Hall rally, but if the people of Minneapolis have learned anything over the past few weeks, it’s that danger lurks around every corner. You can be sitting in your car and be killed by a federal agent. You can be doing ICE watch and be killed by a federal agent. You can be protesting that killing and be arrested by federal agents. You can be walking or driving to work and be snatched by a federal agent. You can blow a whistle to alert your neighbors that federal agents are snatching someone off the street, and you’ll end up, at the very least, pepper sprayed by a federal agent. Medics milled about, prepared for the worst.

Helicopters circled overhead. Volunteer marshals in neon vests, stationed at nearly every entrance and street corner, directed the crowd. One warned me about the ice; I didn’t hear her and slipped, but a woman behind me caught my fall.

Cargo theft is no longer just about stolen trucks and forged paperwork. Over the past year, security researchers have been warning that hackers are increasingly targeting the technology behind global shipping, quietly manipulating systems that move goods worth millions of dollars. 

In some cases, organized crime groups use hacked logistics platforms to redirect shipments, allowing criminals to steal goods without ever setting foot in a warehouse. One recent case involving a critical U.S. shipping technology provider shows just how exposed parts of the supply chain have been, and for how long.

Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter     

A key shipping platform was left wide open

CRIME RINGS, HACKERS JOIN FORCES TO HIJACK TRUCKS NATIONWIDE, FUELING MAJOR HOLIDAY SHIPPING SECURITY FEARS

The company at the center of this incident is Bluspark Global, a New York-based firm whose Bluvoyix platform is used by hundreds of companies to manage and track freight moving around the world. While Bluspark isn’t a household name, its software supports a large slice of global shipping, including major retailers, grocery chains and manufacturers.

For months, Bluspark’s systems reportedly contained basic security flaws that effectively left its shipping platform exposed to anyone on the internet. According to the company, five vulnerabilities were eventually fixed, including the use of plaintext passwords and the ability to remotely access and interact with the Bluvoyix platform. These flaws could have given attackers access to decades of shipment records and customer data.

Bluspark says those issues are now resolved. But the timeline leading up to the fixes raises serious concerns about how long the platform was vulnerable and how difficult it was to alert the company in the first place.

How a researcher uncovered the flaws

Security researcher Eaton Zveare discovered the vulnerabilities in October while examining the website of a Bluspark customer. What started as a routine look at a contact form quickly escalated. By viewing the website’s source code, Zveare noticed that messages sent through the form passed through Bluspark’s servers using an application programming interface, or API.

From there, things unraveled fast. The API’s documentation was publicly accessible and included a built-in feature that allowed anyone to test commands. Despite claiming authentication was required, the API returned sensitive data without any login at all. Zveare was able to retrieve large amounts of user account information, including employee and customer usernames and passwords stored in plaintext.

Worse, the API allowed the creation of new administrator-level accounts without proper checks. That meant an attacker could grant themselves full access to Bluvoyix and view shipment data going back to 2007. Even security tokens designed to limit access could be bypassed entirely.

Why it took weeks to fix critical shipping security flaws

One of the most troubling parts of this story isn’t just the vulnerabilities themselves, but how hard it was to get them fixed. Zveare spent weeks trying to contact Bluspark after discovering the flaws, sending emails, voicemails, and even LinkedIn messages, without success.

With no clear vulnerability disclosure process in place, Zveare eventually turned to Maritime Hacking Village, which helps researchers notify companies in the shipping and maritime industries. When that failed, he contacted the press as a last resort.

Only after that did the company respond, through its legal counsel. Bluspark later confirmed it had patched the flaws and said it plans to introduce a formal vulnerability disclosure program. The company has not said whether it found evidence that attackers exploited the bugs to manipulate shipments, stating only that there was no indication of customer impact. It also declined to share details about its security practices or any third-party audits.

10 ways you can stay safe when cyberattacks hit supply chains

Hackers can break into a shipping or logistics platform without you ever realizing your data was involved. These steps help you reduce risk when attacks like this happen.

1) Watch for delivery-related scams and fake shipping notices

After supply chain breaches, criminals often send phishing emails or texts pretending to be shipping companies, retailers, or delivery services. If a message pressures you to click a link or “confirm” shipment details, slow down. Go directly to the retailer’s website instead of trusting the message.

2) Use a password manager to protect your accounts

If attackers gain access to customer databases, they often try the same login details on shopping, email, and banking accounts. A password manager ensures every account has a unique password, so one breach doesn’t give attackers the keys to everything else.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2026 at Cyberguy.com

3) Reduce your exposed personal data online

Criminals often combine data from one breach with information scraped from data broker sites. Personal data removal services can help reduce how much of your information is publicly available, making it harder for criminals to target you with convincing scams.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

4) Run strong antivirus software on your devices

Strong antivirus software can block malicious links, fake shipping pages, and malware-laced attachments that often follow high-profile breaches. Keeping real-time protection enabled adds an important layer when criminals try to exploit confusion.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

HUGE DATA LEAK EXPOSES 14 MILLION CUSTOMER SHIPPING RECORDS

5) Enable two-factor authentication wherever possible

Two-factor authentication (2FA) makes it much harder for attackers to take over accounts, even if they have your password. Prioritize email, shopping accounts, cloud storage and any service that stores payment or delivery information.

6) Review your account activity and delivery history

Check your online shopping accounts for unfamiliar orders, address changes, or saved payment methods you don’t recognize. Catching changes early can prevent fraud from escalating.

7) Consider identity theft protection

Identity theft protection services can alert you to suspicious credit activity and help you recover if attackers access your name, address or other personal details. Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com

8) Place a free credit freeze to stop new fraud

If your name, email, or address was exposed, consider placing a credit freeze with the major credit bureaus. A freeze prevents criminals from opening new accounts in your name, even if they obtain additional personal data later. It’s free, easy to lift temporarily, and one of the most effective steps you can take after a breach. To learn more about how to do this, go to Cyberguy.com and search “How to freeze your credit.” 

9) Lock down your shipping and retailer accounts

Review the security settings on major shopping and delivery accounts, including retailers, grocery services and shipping providers. Pay close attention to saved delivery addresses, default shipping locations and linked payment methods. Attackers sometimes add their own address quietly and wait before making a move.

10) Businesses should review third-party logistics access

If you run a business that relies on shipping or logistics platforms, incidents like this are a reminder to review vendor access controls. Limit administrative permissions, rotate API keys regularly, and confirm vendors have a clear vulnerability disclosure process. Supply chain security depends on more than just your own systems.

Kurt’s key takeaway

Shipping platforms sit at the intersection of physical goods and digital systems, making them attractive targets for cybercriminals. When basic protections like authentication and password encryption are missing, the consequences can spill into the real world, from stolen cargo to supply chain disruption. The incident also highlights how many companies still lack clear, public ways for researchers to report vulnerabilities responsibly.

Do you think companies that quietly power global supply chains are doing enough to protect themselves from cyber threats?  Let us know by writing to us at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter 

Copyright 2026 CyberGuy.com.  All rights reserved.