USPS Security Flaw Exposes Personal Data of 60 Million People

A security hole in a mail preview program from the U.S. Postal Service could have exposed the data of more than 60 million customers, giving third parties access to information including when critical documents and checks are scheduled to arrive in people’s mailboxes.

An anonymous researcher discovered the weakness in the “Informed Visibility” service, noting that a web component called an API allowed pretty much anyone with a USPS account to view details of other users and, in some cases, to modify those people’s account details.

Read the full article here.

Chris Morris