A database packed with Amazon Prime viewing habits stored on an internal Amazon server was found by a security researcher Anurag Sen, TechCrunch reported.
The Elasticsearch database named Sauron stored about 215 million entries of pseudonymised viewing data, including the name of the show, viewing time, device and internal data like network quality and subscription.
Shodan, a search engine for internet-connected things, cited that the database was first exposed on the internet on September 30.
According to the report, the database was accessible by anyone on the internet but not protected with a password. TechCrunch said, “the data within could be accessed by anyone with a web browser just by knowing its IP address.”
TechCrunch passed the information to Amazon. The database was inaccessible a little later, according to reports.
Amazon spokesperson Adam Montgomery said, "There was a deployment error with a Prime Video analytics server. This problem has been resolved and no account information (including login or payment details) was exposed. This was not an AWS issue; AWS is secure by default and performed as designed."