Whois SQL database of APNIC exposed

Asia Pacific Network Information Centre (APNIC), the Regional Internet Registry (RIR) for Asia-Pacific area, has reported the resolution of a security incident.

The incident, which was detected during RDAP (Registration Data Access Protocol) server maintenance, resulted in a Whois SQL database dump file stored in a misconfigured Google Cloud bucket, which left the file exposed for 3 months.

APNIC already fixed the configuration error, deleted the database copy and reset passwords of affected users, with no evidence of suspicious activity.