Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
AWS Closed My New Account
4 points by casenmgreen on Jan 15, 2023 | hide | past | favorite | 5 comments
I opened a new AWS account for business, in mid-December 2021.

Since opening I had not used the account, as I was finishing off old work in the existing account.

About twenty days after opening, I came to log in, and found the account had been deleted a few days before.

I had an email account specifically for AWS, for this account, which I checked now and then only, and in particular around this time I had not checked at all as I was experiencing (read "bedbound and aching all over"), and then recovering from, covid.

I examined the account, and found there was an email giving me one day of notice before the account was deleted.

In fact, there were two warning emails on the same day, in early January, giving different account closure dates, and of the two, the most recently received gave the one day of notice, and this it turned out was correct - an email came the next day informing me the account had been deleted.

In the two emails giving me notice the account was suspended, AWS asked for additional information about me and my business.

The emails begin by making a small ask - "at this time, we need you to confirm your address information" - and request for a utility bill.

You read that, and think, well, that seems perfectly reasonable.

Then you read on, and it progressively goes from address and utility bill, to;

* The billing address and phone number of the payment method on the AWS account

* The billing phone number of the payment method on the AWS account

* Business name and phone number

* The URL for your website

* A contact phone number where you can be reached for additional information

* Your reasons for using Amazon Web Services

It is repugnant, both for asking so much, and the way in which it goes about asking, by pretending at first to be reasonable, and then by the time you reach the end of the email, having become grasping.

All this is for an account which literally had not been used, not at all, not once, and was already most of a month old.

I may be wrong, but I think what this actually is, is AWS phishing for personal information, using security as a pretence, and that the account has been suspended as a coercive measure, for we must also consider the twenty day delay - I can imagine it will often be the case by this time, the account owner will have servers running, testing or running some systems they've made - and then the account is suspended. They cannot shut down those servers. They MUST hand over the information AWS demand.

I think companies more than anything want your phone numbers. Phone numbers are the modern unique identifier; they rarely change and cost money to obtain. Third party data collators collate based on phone number.



Since you haven't used the account, did you really lose anything? I think AWS closed the account because it was empty and they thought it was junk. I would just create a new one.


Well, the first thought is, why wouldn't it happen again?

And if it did happen once I had servers up, then I would have a problem.

Regarding the question, a little bit, but only a little bit, was lost by it.

I do not normally keep a phone number, and AWS require a phone number, to confirm identity via SMS, when opening an account. I bought a cheap phone and SIM, to receive that SMS, about 30 USD.


To be brutally honest, the problem sounds like a you problem.

You have a business, but no way to receive a sms. You had an empty account, you lost it? You used an email account you hardly check. Amazon isn’t this massive company because they are closing accounts with servers, that’s google cloud.

Now you spent a whole $30 when your ready again open a new account.

Your an edge case, and not doing any favors to make your life easier.


I may be wrong, but I think you are focusing too much on the practical consequences in this one case.

These consequences indeed are minimal - but that was due to luck, really, where I had not used the account.

If I had, and I had servers running, I would have been what on the face of it appears to be blackmailed into handing over sensitive, personal data.

There is also the question of AWS's procedures. One day of notice to close an account is not reasonable. It is a concern for any open accounts - on the face of it, it implies the need to check email from AWS every day and be ready to hand over any information AWS ask for, or your servers will shut down the next day.

What happens when you get sick? have covid, as I did? pow - servers all gone!

There's no discussion possible here, either, as Support take a few days to reply.

I may be wrong, but this is a concern.

I think you have to admit there is the possibility here for people to lose their accounts, without any chance of discussion, because they are unwell - and that is crazy; it's a flawed procedure.

"I was hit by a bus, in hospital with two broken legs and concussion, but my first priority was checking my AWS email every day! thank God AWS at least give one day of notice!"

(And the strangeness of two emails in the same day, with differing notice periods. What was going on, behind the scenes?)

I'm not looking to try again to open a new account, because I expect this to happen again.


[flagged]


>”Don’t fucking simp for Amazon. People do things different ways (hell, Amazon themselves barely have a phone number), and absent some indication of fraud their behavior is unreasonable.”

Easy solution for you. dont like their policies? dont do business with them.

if people create idle accounts on my own service id delete too. good news is you dont have to use it. :)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: