AWS S3 bucket writeable for authenticated aws users

Disclosed: 2016-04-05 13:06:28 By yaworsk To security
Unknown
Vulnerability Details
Hi All,

I know that hackerone-attachments is used for file uploads on reports and so I did a quick scan for similar buckets and found ████████████████. While I can't confirm if you own it or not, it appears that it is publicly writable using the aws cli.

When I tried to write to hackerone-attachments, I get:

"move failed: ./test.txt to s3://hackerone-attachements/test.txt A client error (AccessDenied) occurred when calling the PutObject operation: Access Denied."

However, when I write to ████████████████, I get:

"move: ./test.txt to s3://████████████████/test.txt"

Hopefully the bucket is yours and this isn't a waste of time. If you do own it, a good thing is the bucket is not publicly readable and the file appears private by default after being written. However, assuming you own it, the security issue would be someone writing something malicious and someone on your team unknowingly opening it.

Pete
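One way a bucket owner can check for the misconfiguration this report describes (a canned group such as AuthenticatedUsers holding a write-capable ACL grant), as an added example that is not part of the report or of HackerOne's tooling. The ACL documents and bucket names below are constructed placeholders shaped like boto3's get_bucket_acl() response; the group URIs and permission names are the documented S3 values.

```python
# Added example (not from the report): flag S3 ACL grants that let any AWS
# account, or anyone at all, write into a bucket. ACL documents below are
# constructed to mirror the shape of boto3's get_bucket_acl() response.

# Canned group URIs that S3 uses in ACL grants (documented AWS values).
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTHENTICATED_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
RISKY_GROUPS = {ALL_USERS: "anyone (anonymous)", AUTHENTICATED_USERS: "any AWS account"}

# Permissions that allow adding objects or rewriting the ACL itself.
WRITE_LIKE = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}


def risky_grants(acl):
    """Return (who, permission) pairs for grants giving a global group write access.
    Note: this inspects the ACL only; a bucket policy can grant access too."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") != "Group":
            continue  # CanonicalUser / AmazonCustomerByEmail grants name specific principals
        uri, perm = grantee.get("URI"), grant.get("Permission")
        if uri in RISKY_GROUPS and perm in WRITE_LIKE:
            findings.append((RISKY_GROUPS[uri], perm))
    return findings


def audit(buckets):
    """buckets: {name: acl_dict}. Returns only the buckets that have findings."""
    report = {}
    for name, acl in buckets.items():
        found = risky_grants(acl)
        if found:
            report[name] = found
    return report


# Constructed sample (placeholder names): the first bucket mirrors the report,
# writable by any authenticated AWS user but not readable; the second is owner-only.
OWNER = {"Type": "CanonicalUser", "ID": "owner-canonical-id-placeholder"}
SAMPLE_ACLS = {
    "example-attachments-bucket": {"Grants": [
        {"Grantee": OWNER, "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": AUTHENTICATED_USERS}, "Permission": "WRITE"},
    ]},
    "example-private-bucket": {"Grants": [{"Grantee": OWNER, "Permission": "FULL_CONTROL"}]},
}

if __name__ == "__main__":
    for name, found in audit(SAMPLE_ACLS).items():
        print(name, found)
```

Against a live account the same functions apply to real ACLs, e.g. building the dict as {b: s3.get_bucket_acl(Bucket=b) for b in bucket_names} with a boto3 S3 client; remember the check covers ACL grants only, not bucket policies.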
Report Stats
  • Report ID: 128088
  • State: Closed
  • Substate: resolved
  • Upvotes: 36