Nov 212018

Brian Krebs reports:

U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at to view account details for some 60 million other users, and in some cases to modify account details on their behalf.

KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked to remain anonymous. The researcher said he informed the USPS about his finding more than a year ago yet never received a response. After confirming his findings, this author contacted the USPS, which promptly addressed the issue.


  One Response to “USPS Site Exposed Data on 60 Million Users”

  1. One frustrating aspect of breaches at government sites has for me is that the government is fining businesses for similar breaches but the only thing that happens to the government when they do the same thing is “whoops.”

Sorry, the comment form is closed at this time.