Twin Cities internet company plugs email server leak

Twin Cities internet company plugs email server leak

A major Twin Cities internet provider said that it immediately fixed a problem that led to the inadvertent publication of thousands of emails.

U.S. Internet CEO Travis Carter said that in early 2023, an employee misconfigured security settings on a legacy email server and unwittingly made hundreds of thousands of messages from the last 15 years available on the public internet.

In a phone interview with MPR News on Thursday, Carter said that no credit card or Social Security numbers were made public, and customers of the company’s fiber optic internet service were not affected.

The messages made public included USI’s own internal emails and those of thousands of clients of its Securence email service.

MPR News is supported by Members. Gifts from individuals power everything you find here. Make a gift of any amount today to become a Member!

Carter said his company is notifying affected customers and is hiring a cybersecurity firm to review the incident.

“[It was] my fault that we didn’t have the checks and balances we should have had in place on this platform, but hindsight is 20/20,” Carter said.

USI’s Securance division provides spam filtering and anti-phishing services to business, government, and other institutional clients. Carter said that a few of those clients also contract with Securance to operate email systems that have been around since the 1990s. Carter said it was only these legacy systems, not the filtering services, that were affected.

While a large number of emails were exposed online, Carter said a preliminary review indicates that only a small fraction of the messages were downloaded by unauthorized users.

“Our first wave of what was actually taken was relatively small. Less than 500 emails were taken,” Carter said.

Milwaukee cybersecurity consultant Alex Holden discovered the problem last week, which was first reported by the technology website Krebs on Security.

Holden said in a separate interview with MPR News that while doing work for a client, he and his team found a list of internet domain names that included links to the email folders.

“These open directories were found to be available quite quickly and in certain searches they were in the top 10 results.”

Holden said that he discovered the page using the search engine Bing and later found that search engines based in China had also indexed it.

He credited USI for its “impressive quick response” to remove the data after learning of the problem.

Related Posts