...
After seeing the mail, Bruce sent an inquiry to the team about it and Nick responded with indication that it appeared that the site had been taken over. I looked at the DNS on GoDaddy, confirmed that the record was still pointing to the bucket, and on AWS that the bucket was indeed deleted (Bruce, Marco and I deleted as part of SAGL-78 last week).
...
Remediation (PLFM-8997)
I deleted the DNS record, which essentially moves the problem off the ‘sagebase.org’ domain.
...
delete DNS record that points to an S3 bucket when deleting the bucket
require domain validation (https)
do not use bare S3 buckets as websites, put them behind a Cloudfront distribution
alternatively, do not delete the bucket, set up a redirect and keep it locked down
preemptive steps:
review DNS records in sageit/synapse and delete dangling records (PLFM-8998)
follow best practices for DNS management in organization