U.S. Internet Exposes Decade's Worth of Emails in Data Breach
U.S. Internet Corp.'s business unit, Securence, has inadvertently published over a decade's worth of internal emails and emails of Securence clients in plain text on the Internet. This breach puts the security and privacy of businesses, educational institutions, and government agencies worldwide at risk.
The Breach
U.S. Internet Corp., a Minnesota-based Internet provider, has faced a major data breach. The breach was discovered by cybersecurity firm Hold Security, which found a public link to a U.S. Internet email server listing over 6,500 domain names, each with its own clickable link. These links provided access to inboxes containing internal emails dating back to 2008.
Among the exposed customers were state and local governments, including the official website of North Carolina and the governments of Stillwater, Minnesota and Frederick, Maryland. Additionally, the breach included the internal messages of U.S. Internet and its subsidiary USI Wireless, including those of CEO Travis Carter.
Response and Explanation
Upon notification, U.S. Internet quickly removed the published inboxes from the Internet and launched an investigation into the breach. However, the company's CEO, Travis Carter, provided a vague technical explanation for the breach, blaming an incorrect configuration in the Ansible playbook that controls the Nginx configuration for their IMAP servers. It is unclear how long these messages were exposed and the company has not shared further details.
Moreover, it was discovered that hackers were abusing Securence's link scrubbing and anti-spam service, Url-Shield, to redirect visitors to malicious websites. This highlights further security vulnerabilities in U.S. Internet's systems.
Implications and Concerns
U.S. Internet's data breach raises serious concerns about its competence and ability to handle sensitive information securely. The company has not provided sufficient transparency or accountability regarding the breach and has not updated its website or issued a public statement about the incident. This lack of transparency and response is troubling and calls into question their ability to manage email services for businesses, educational institutions, and government agencies.
Authorities and regulators should take decisive action in response to this incident, ensuring that U.S. Internet undergoes a thorough security revamp and demonstrates a commitment to transparency and data protection before being entrusted with managing any organization's email.