Twin Cities internet company plugs email server leak
Go Deeper.
Create an account or log in to save stories.
Like this?
Thanks for liking this story! We have added it to a list of your favorite stories.
A major Twin Cities internet provider said that it immediately fixed a problem that led to the inadvertent publication of thousands of emails.
U.S. Internet CEO Travis Carter said that in early 2023, an employee misconfigured security settings on a legacy email server and unwittingly made hundreds of thousands of messages from the last 15 years available on the public internet.
In a phone interview with MPR News on Thursday, Carter said that no credit card or Social Security numbers were made public, and customers of the company’s fiber optic internet service were not affected.
The messages made public included USI’s own internal emails and those of thousands of clients of its Securence email service.
Turn Up Your Support
MPR News helps you turn down the noise and build shared understanding. Turn up your support for this public resource and keep trusted journalism accessible to all.
Carter said his company is notifying affected customers and is hiring a cybersecurity firm to review the incident.
“[It was] my fault that we didn’t have the checks and balances we should have had in place on this platform, but hindsight is 20/20,” Carter said.
USI’s Securance division provides spam filtering and anti-phishing services to business, government, and other institutional clients. Carter said that a few of those clients also contract with Securance to operate email systems that have been around since the 1990s. Carter said it was only these legacy systems, not the filtering services, that were affected.
While a large number of emails were exposed online, Carter said a preliminary review indicates that only a small fraction of the messages were downloaded by unauthorized users.
“Our first wave of what was actually taken was relatively small. Less than 500 emails were taken,” Carter said.
Milwaukee cybersecurity consultant Alex Holden discovered the problem last week, which was first reported by the technology website Krebs on Security.
Holden said in a separate interview with MPR News that while doing work for a client, he and his team found a list of internet domain names that included links to the email folders.
“These open directories were found to be available quite quickly and in certain searches they were in the top 10 results.”
Holden said that he discovered the page using the search engine Bing and later found that search engines based in China had also indexed it.
He credited USI for its “impressive quick response” to remove the data after learning of the problem.