Vulnerabilities sharing maps/content to only "My Groups"

Discussion created by mateo3571 on Oct 24, 2018
Latest reply on Nov 1, 2018 by mateo3571

I'm relatively new to ArcGis and creating/sharing web mapping applications. I'm the sole proprietor of my business. I plan to develop maps that can only be accessed/viewed by only my clients which have paid me for my service (this could be 100's of people). Here's a brief overview of the structure of my Organization: 

- Single Use ArcGis Pro license

- Only one member is allowed to be associated to my organization (me - the sole proprietor)

- I have one Group with one member (me)


Last night I uploaded a Shapefile containing sensitive data to my Contents page on ArcGis Online. I shared the Shapefile to only my Group (triple checking it cannot be viewed by the public). I then created a map on ArcGis Online and associated the Shapefile. I made sure the map was only shared to my Group, not the public. Once the map was fully developed, I created a Web Map Application so I could generate a short link and view the map on mobile devices. Again, I was very careful to only share to my Group. I checked all possible options to make sure this map and it's contents are private and can only be seen by my Group/myself (for now while I do some testing). 


This morning when I accessed my ArcGis Online account, I went to the Contents page and saw the Usage for my Shapefile feature set had 530 requests to download. My Web Application had over 50 views. This is very serious and could destroy my business if this information has been copied and distributed. What did I do wrong to expose my sensitive data to the world?!!? There is no way I made these files and map available to the public, unless there's a hidden setting that makes my private file available to the public. 


Please advise. 


Thank you.