60 million people may have had their data exposed by the U.S. Postal Service

|
Advertisement

The United States Postal Service confirms a long-lived security flaw on its website potentially exposed the data of 60 million users over the course of 2017 and 2018.

RELATED: HealthCare.gov data breach reveals info on 75,000 people

USPS web breach is now closed

Krebs on Security reports the Postal Service has now closed a loophole on its site that allowed anyone with an online account at USPS.com to view account details for approximately 60 million other users.

Among the data that may have been exposed to anyone who logged in and did a simple search was:

  • email address
  • username
  • user ID
  • account number
  • street address
  • phone number
  • authorized users

But note this well: While all that data and more was available, the USPS says it has no reason to believe any of it was in fact accessed by hackers.

The security flaw was discovered by a researcher who contacted USPS to report the exploit back in 2017.

Unfortunately, no action was taken to shore up the system at that time. It took the efforts of Krebs on Security to get the loophole closed earlier this month.

The exact point of weakness in the USPS.com system has been tied to a free program called Informed Visibility, which offers mail tracking and reporting in “near real-time.”

Informed Visibility, meanwhile, is a companion service to Informed Delivery — another free USPS program designed to offer a digital preview of incoming mail.

You can see our recent article for more about the opportunities and dangers around Informed Delivery, as well as similar tracking programs from FedEx, UPS and DHL.

Advertisement

Take steps to protect yourself now

If you want to shut potential identity thieves down before they wreak havoc in your life, a full-blown credit freeze is what you really need.

A credit freeze effectively shuts down a criminal’s ability to open new credit in your name even if they get your personal info in a breach.

Furthermore, if identity theft is a concern, be proactive and sign up for Credit Karma’s credit monitoring service, and a similar service from Credit Sesame. They’re both free!

More privacy & identity theft stories on Clark.com:

Advertisement
Welcome bonuses can be a great way to boost the value of a credit card. Best Credit Card Welcome Bonuses for 2021 - If you're in the market for a new credit card, you may be hoping to cash in on the hundreds of dollars in signup bonuses offered to new customers. Welcome bonuses and offers are a marketing tool that credit card…
The best cell phone plans include Tello, Mint Mobile, Visible, T-Mobile, Consumer Cellular and more Best Cell Phone Plans and Deals in 2021 - Team Clark ranks the best cell phone plans and deals! See our favorites for unlimited data, families and cheap plans starting at $10/month.
  • Show Comments Hide Comments