After security researcher Chris Vickery discovered millions of records from Facebook Inc. users sitting unsecured on a public database, he tried for weeks to get Amazon.com Inc., owner of the servers where the data were stored, to take it down.
“We’re looking into the situation and assessing any extra steps we can take,” came the response from Amazon security staff on Feb. 21—three weeks after Vickery initially brought the data exposure to Amazon’s attention.
The trove in question included 540 million pieces of information, such as identification numbers, comments, reactions and account names, that had been culled from Facebook pages ...