That's ridiculous. AWS provides infrastructure and tools, it's up to developers and companies to properly deploy them and implement the appropriate security.
Oh please. AWS can get super-complicated but, especially with the latest console updates, you really have to try to make S3 buckets public. There are good reasons for public buckets; I use them. At this point if you're kicking people, it really is on the developer (or the management of their app dev organization) if they make S3 buckets public "accidentally."