leaked-amazon-prime-video-server-exposed-users-viewing-habits

Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

Leaked Amazon Prime Video Server Exposed Users Viewing Habits

Remember when a Chinese server leaked 7GB worth of data including fake Amazon reviews? Well now, an Elasticsearch database dubbed Sauron was left unprotected in cyberspace without any security authentication.

According to security researcher Anurag Sen, the database was stored on an internal Amazon server and contained Prime Video viewing habits.

This server was accessible on the internet because of the lack of password protection. Hence, the available data could have been accessed by someone accessing a web browser simply by entering its IP address.

It is worth noting that Sen found the database on September 30th, 2022 while scanning through the IoT search engine Shodan.

  1. Our TV Viewing Habits Can Be Monitored for the Benefit of Marketers
  2. Hundreds of Android Gaming Apps are Tracking Your TV Viewing Habits
  3. General Motors collected location & radio listening habits data of drivers
  4. A leaked database exposed the shopping habits of 35 million US residents

What Data was Exposed?

The exposed database contained 215 million records of pseudonymized viewing data. This includes the name of the movie or show being streamed, the device used for streaming the content, and similar internal data such as subscription information and network quality.

Basically, the database contained information about Amazon Prime customers. However, the data cannot be used to identify the customers by name. Still, this security lapse again highlights the drawbacks and dangers of misconfigured internet-facing servers left online without passport protection.

What caused the Issue?

Amazon spokesperson Adam Montgomery told TechCrunch that the issue was caused by ‘deployment errors with a Prime Video analytics server.’ When Amazon was notified about the exposed database, the company took necessary steps to make it inaccessible.

The database was protected shortly after Amazon received information about it. The company confirmed that login and payment card data or account details were safe, while the exposed data was pseudonymized.

  1. Amazon data breach: Personal details of customers leaked
  2. Secret Pentagon Files Left Unprotected on the Amazon Server
  3. Amazon sent 1,700 audio recordings of Alexa user to a stranger
  4. Critical Amazon Ring Vulnerability Could Expose Camera Recordings
  5. Amazon Database Exposed US Military’s Social Media Spying Campaign

Author

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related News

Nearly 500 million WhatsApp User Records Sold Online

Nearly 500 million WhatsApp User Records Sold Online

In what is becoming a rather common trend, a threat actor is claiming to sell 487 million WhatsApp users’ mobile…
How to Create ISO Files from Discs – 3 Best Ways

How to Create ISO Files from Discs – 3 Best Ways

An ISO file is a disk image of an optical disc. It is a single file that contains all the…
All You Need to Know About Emotet in 2022

All You Need to Know About Emotet in 2022

For 6 months, the infamous Emotet botnet has shown almost no activity, and now it’s distributing malicious spam. Let’s dive…