A database containing Amazon Prime Video users’ viewing habits, which was stored on an internal Amazon server, was accidentally exposed online and could be accessed by anyone with a web browser.
Anurag Sen, a cyber-security researcher, discovered the database containing Amazon Prime viewing habits on an internal Amazon server that was accessible online.
According to TechCrunch, the database was first detected as being exposed to the internet on September 30 by the search engine Shodan.
“But because the database was not protected with a password, the data within could be accessed by anyone with a web browser just by knowing its IP address,” the report noted.
The database contained nearly 215 million viewing data entries, such as the name of the show or movie being streamed, the device on which it was streamed, and other internal data. The Amazon Prime Video database was eventually taken down from the Internet. According to an Amazon spokesperson, there was a “deployment error with a Prime Video analytics server.”
“This problem has been resolved and no account information (including login or payment details) was exposed. This was not an AWS issue; AWS is secure by default and performed as designed,” the spokesperson added.
‘The Lord of the Rings: The Rings of Power’ attracted more than 25 million global viewers on its first day, the largest debut in Prime Video history, and is closing in on 100 million viewers to date, according to the company’s latest Q3 earnings call. It also kicked off Prime Video’s inaugural season as the exclusive home of NFL Thursday Night Football with over 15 million viewers for its first game.
Read the full article here