US Postal Service website flaw exposed data of 60M users: Report

The U.S. Postal Service on Monday said it has fixed a technical glitch on its website that may have exposed the personal information of more than 60 million customers. The vulnerability impacted USPS Informed Visibility, an online portal that allows businesses and advertisers access to "near real-time" tracking of mail and package shipments. An anonymous cybersecurity researcher discovered that the service’s website had a flaw that allowed anyone with a USPS account to view or, in some cases, modify account information for other users, cybersecurity blog KrebsOnSecurity reported. The USPS said it hasn’t uncovered any evidence to suggest that the flaw “was leveraged to exploit customer records.” The glitch has been corrected...MORE