Security of S3 buckets is not a new topic but recently there have been a number of high profile data breaches resulting from improperly secured or maintained buckets. For example the recent WWE breach where three million wrestling fans data was left in a publicly accessible bucket, you can read more about that here. AWS works on a shared responsibility model and while they provide all the tools to securely store objects and monitor them its up to customers to use these features, manage their internal processes and track changes.
The most important file in every WordPress install is wp-config.php, this file contains all of you database settings as well as other configuration settings. It is important to understand how to secure this file and how to use it to secure your site further.
Of course none of this matters if you don’t follow the basic security rules. Use secure passwords, update and backup often etc.