I'm interested because I purchased the nano x and want to make sure to protect myself.
Depending on when you purchased it, and whether or not your purchased it directly from Ledger or from a third party, you may or may not have had your personal details exposed. The data breach does not affect the integrity of your Ledger device itself.
Also, I'm no expert, but if you got hacked, why would you want to buy from Amazon and not directly from ledger?
Somewhat ironically, people who purchased through third party resellers such as Amazon (which the general advice was not to do) have been protected from this data breach since Ledger never had their personal details in their database.
My ledger live app is telling me i need to update firmware on the device. Is that safe to do? How do I know thats not a hack in itself to get your orivate key?
You can verify Ledger Live using the hashes and public key available here:
https://ledger-live-tools.now.sh/lld-signatures