APNIC recorder responsible for the distribution of IP addresses in the Asia-Pacific region, said The incident, as a result of which the WHOIS SQL dump came to open access, including confidential data and hash passwords. It is noteworthy that this is not the first leakage of personal data in Apnic – in 2017 the Base WHOIS software has already fallen into open access and also toast personnel.
In the process of implementing the support of the Protocol rdap , designed to replace the WHOIS protocol, Apnic employees posted a SQL dump used in the service WHOIS, in the Google Cloud cloud storage, but did not limit access to it. Due to the error in the settings for three months, the SQL dump was available publicly and this fact was revealed only on June 4, when one of the independent security researchers drew attention to this and notified the registrar about the problem.