Pocket iNet Leaves 73 GB of Sensitive Data Exposed
October 24, 2018 / Kacy Zurkus
A Washington State internet provider, Pocket iNet, left an AWS S3 server exposed online without a password, according to UpGuard. The UpGuard cyber-risk team reported that the information exposed included 73 gigabytes of downloadable data, which included passwords and other sensitive files, ranging from spreadsheets to pictures and diagrams. Upguard discovered and reported the exposed bucket, named pinapp2, on October 11, 2018, though Pocket iNet was initially unable to confirm the exposure. After a week’s time, the exposure was secured, according to an Upguard blog post. “Due to the severity of this exposure, UpGuard expended significant effort during those seven days, repeatedly contacting Pocket iNet and relevant regulators, including using contact information found within the exposed dataset,” Upguard wrote.