USPS Security Flaw Exposes Personal Data of 60 Million People -- Security Today

USPS Security Flaw Exposes Personal Data of 60 Million People

A security hole in a mail preview program may have made the data of 60 million customers vulnerable.

By Sydny Shepard
Nov 28, 2018

A security hole in a mail preview program from the U.S. Postal Service could have exposed the data of more than 60 million customers, giving third parties access to information including when critical documents and checks are scheduled to arrive in people's mailboxes.

An anonymous researchers discovered the weakness in the "Informed Visibility" service, noting that a web component called an API pretty much allowed anyone with a USPS account to view details of other users and, in some cases, to modify those people's account details.

The USPS says it has patched the security hole, but seemingly only did so after a security expert got into contact with them about it. The anonymous researcher who originally pointed to the issue claims to have alerted postal authorities about the issue more than a year ago.

The security flaw also lets any user find the account details of other users, including email address, user ID, phone number and more. The postal service says it has no information that any customer records were accessed.

Officials also say they are investigating further "out of an abundance of caution."

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Security Industry Association Announces the 2025 Security Megatrends

The Security Industry Association (SIA) has identified and forecasted the 2025 Security Megatrends, which form the basis of SIA’s signature annual Security Megatrends report defining the top 10 factors influencing both short- and long-term change in the global security industry. Read Now
- Cybersecurity
- Artificial Intelligence
Generative AI, Cybersecurity Among Top Risks for Healthcare Provider Organizations in 2025

Overseeing the use of generative artificial intelligence, enhancing cybersecurity and ensuring compliance with a host of federal healthcare regulations headline the Top Risks health systems face in 2025, according to an annual study by Kodiak Solutions. Read Now
- Hospital
Wisconsin Shooting Likely a 'Combination of Factors'

Following the deaths of a teacher and student at Abundant Life Christian School in, Madison, Wisc., police chief Shon Barnes indicated that the motive appears to be a “combination of factors” for a 15-year-old female student’s attack on a study hall. Read Now
- Active Shooter
- Incident Response
Louisville Muhammad Ali International Airport Transforms Operations Using Data Insights

Genetec Inc., provider of enterprise physical security software, recently announced that Louisville Muhammad Ali International Airport (SDF), a civil and military airport in Kentucky, USA is using Genetec Security Center to drive operational improvements to enhance efficiency and security while improving customer experience. Read Now
- Airport Security

Webinars

Building a Unified Approach to School Safety
The Center for Safe and Resilient Schools and Workplaces

Precovery in Action: Proactive Strategies to Promote School Safety and Mass Violence Prevention
Hanwha Vision (formerly Hanwha Techwin), NAPCO Security Technologies, Inc.

Getting Control of your Access

Whitepapers

Salient Systems

A Model for Community Security
Genetec

State of Physical Security 2025
Winsted Corporation

Sit/Stand Consoles: Helping Increase Productivity

New Products

HD2055 Modular Barricade

Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3
4K Video Decoder

3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3
EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

USPS Security Flaw Exposes Personal Data of 60 Million People

CISA, NSA, FBI and International Partners Publish Guide for Protecting Communications Infrastructure

Fast-food Operator Enhances Safety and Cuts Security Costs with Interface Systems’ Virtual Guard

Eagle Eye Cabinets Extend Video Security to Remote and Hard-to-Wire Locations

ESX 2025 Registration Now Open

ASIS International Announces Officers and Directors for 2025 Global and Regional Governing Boards

ISS Welcomes New Director of Strategic Partnerships, Regional Sales Director

Security Industry Association Opens Call for Nominations for 2025 Women in Security Forum Power 100