Another day, another misconfigured database leaking sensitive customer data to the wider internet.
This time the culprit is none other than Amazon, according to TechCrunch. Cybersecurity researcher Anurag Sen recently discovered a large Amazon database, without any password protection, available to anyone who knew where to look.
With the help of Shodan, a search engine for internet-connected devices and services, Sen located the database, called Sauron, and found it full of Amazon Prime Video viewing records.
Implementation Error
In total, the database contained some 215 million entries of pseudonymised viewing data, meaning that while there is enough detail on individual accounts to profile their viewing habits, matching those accounts to real identities from the data alone is very difficult. Sauron includes things like the name of the movie or series, the device used to stream the content, the network quality, the customer's subscription tier, and so on.
The database was reportedly first discovered in late September 2022, after which Amazon was tipped off and removed the system from the wider web.
“There was an implementation error with a Prime Video analytics server. This issue has been resolved and no account information (including login or payment information) has been released. This was not an AWS issue; AWS is secured by default and is running as designed,” TechCrunch quoted Amazon spokesperson Adam Montgomery.
Cloud misconfigurations are nothing new, and researchers have been warning for years that this human error is a major cause of data breaches. A 2021 IBM report claimed that 19% of data breaches occur because IT teams fail to properly protect the assets in their cloud infrastructure. For the report, the company surveyed more than 500 organizations that had suffered a data breach and found that for roughly half (52%), securing data stored in the public cloud remained a challenge.
In addition, a 2020 Accurics report claimed that "almost all" cloud storage implementations were configured incorrectly.