USPS Site Exposed Data on 60 Million Users

Brian Krebs reports:

U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf.

KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked to remain anonymous. The researcher said he informed the USPS about his finding more than a year ago yet never received a response. After confirming his findings, this author contacted the USPS, which promptly addressed the issue.

Read more on KrebsOnSecurity.com.

About the author: Dissent

Has one comment to “USPS Site Exposed Data on 60 Million Users”

You can leave a reply or Trackback this post.
  1. Regret - November 21, 2018

    One frustrating aspect of breaches at government sites has for me is that the government is fining businesses for similar breaches but the only thing that happens to the government when they do the same thing is “whoops.”

Comments are closed.