If you are a Prime Video user, chances are your watching habits stored on an internal Amazon server were accidentally made public, which anyone could access.
Anurag Sen, a cybersecurity researcher, found the database which had viewer data of Amazon’s streaming service. The database was not even protected by a password, which means anyone could simply access it if they knew where to look.
TechCrunch reports that the Elasticsearch database which is dubbed “Sauron” had 215 million entries of viewing data. This included things such as which show or film from Prime Video was being watched on which device. Other details included internal data such as the network quality, as well as the details about the users’ subscription plans.
The Prime Video database cannot be accessed anymore, and an Amazon spokesperson told out the outlet that “There was a deployment error with a Prime Video analytics server. This problem has been resolved and no account information (including login or payment details) were exposed. This was not an AWS issue; AWS is secure by default and performed as designed.”
While there were an incredible number of entries on the database, TechCrunch noted that there were no details there that could be used to personally identify the streaming service’s subscribers.