Thanks guys for the insight. I just wasn't aware of how they got this info......I generally don't trust anything online and wasn't sure what Amazon was up to.
Either way, I'll start updating my passwords on all the sites I normally visit and write them all down on my blog......I keed, I keed......  

Beepster
PS:
 
Do NOT click any links in any emails to change passwords and the like. Manually type the website address into your browser (or navigate to it in a way you can be sure you are not visiting a spoof site), manually log into the site and THEN change any info as needed.
 
I'm sure you know this but it's worth repeating.
 
In this case you can even call Amazon to verify what's up. They do have a phone number... although they do bury it as much as possible.

Absolutely.....got that part covered. Thanks Beeps!!
I was just being lazy with changing passwords to all these sites....

Mesh
Thanks guys for the insight. I just wasn't aware of how they got this info......I generally don't trust anything online and wasn't sure what Amazon was up to.
Either way, I'll start updating my passwords on all the sites I normally visit and write them all down on my blog......I keed, I keed......  

Maybe do a Virus and Malware scan of the system first to do a sweep for any keylogging nonsense or other nasties.
 
Malwarebytes is a good program to have for such things. HiJackThis is something to look into as well for real nasty bugs but it's very difficult to use properly because you need to understand its reports and how to use its cleaner without destroying your system.
 
Cheers.

It sounds like a bogus email to me.
 
Without getting into technical details, the fact that it doesn't contain links but directs you to go to the website doesn't make it absolutely safe or trustworthy.

Someone in California hijacked my paypal account and started buying bitcoins on ebay.  But he's BUSTED!  They never get away with it, not sure why these folks persist. BTW those folks who blame a prison  cartel as the reason so many people are in jail are bogus...there are alot of criminals in the world (mostly dumb).  I agree soft drug laws need to be revisited, but other than that why not follow the law?

drewfx1
It sounds like a bogus email to me.
 
Without getting into technical details, the fact that it doesn't contain links but directs you to go to the website doesn't make it absolutely safe or trustworthy.

Well, the only link given was to Amazon.com. I opened up Amazon in a separate browser and checked the messages in my account and the same email message was in there. That's when I replied to them asking those questions. It seems valid to me.

Do:
Run Powershell
 
Then at the command prompt: 
Resolve-DNSName amazon.com
 
What do you get? It should return IP's like these:
 
Name Type TTL Section IPAddress
---- ---- --- ------- ---------
amazon.com A 32 Answer 54.239.17.6
amazon.com A 32 Answer 54.239.26.128
amazon.com A 32 Answer 54.239.17.7
amazon.com A 32 Answer 54.239.25.200
amazon.com A 32 Answer 54.239.25.208
amazon.com A 32 Answer 54.239.25.192

http://www.gohacking.com/dns-hijacking/
 

eph221
Someone in California hijacked my paypal account and started buying bitcoins on ebay.  But he's BUSTED!  They never get away with it, not sure why these folks persist. 

Do you seriously believe that "they" never get away with it? Unsophisticated cyber-criminals, like unsophisticated credit card or check fraud criminals or burglars occasionally get caught, but the majority of internet criminals are never even correctly identified as individuals, and many are working from jurisdictions where, even if they are known, they cannot be apprehended or charged. Law enforcement touts their successes and downplays their failures. Many multi-million dollar heists of major banking institutions are not even reported because the victims do not want to make customers wary of using the internet. Frankly, yours is the first first-person case I have ever heard of where such a criminal was caught. 
 
http://www.infoworld.com/article/2618598/cyber-crime/why-internet-crime-goes-unpunished.html
 
http://www.cybercrimejournal.com/Brown2015vol9issue1.pdf
 
http://www.digital-trust.org/news/cybercrime-is-the-most-under-reported-under-investigated-crime-in-the-uk%202015
 
http://www.prospectmagazine.co.uk/sponsored/why-sensible-criminals-choose-cybercrime
 
http://www.cyberdefensereview.org/2015/04/07/organized-cyber-crime/
 
 

Why'd you put *they* in quotes?  It's kind of interesting isn't it?