ANNOUNCEMENT : ALL OF ROYAL MAIL'S EMPLOYMENT POLICIES (AGREEMENTS) AT A GLANCE (UPDATED APR 2019)... HERE

ANNOUNCEMENT : NEW AGREEMENT REACHED : FULL DETAILS... HERE

ROYAL MAIL DELAYS : PLEASE BE AWARE THAT THERE IS A BIG BACKLOG IN THE SYSTEM, WE ARE DOING OUR BEST TO DELIVER WHAT WE CAN DAILY BUT UNFORTUNATELY IN SOME AREAS THERE WILL BE DELAYS. PLEASE HAVE SOME PATIENCE AS WE ARE DOING WHAT WE CAN.Postal workers of royalmailchat.co.uk

ANNOUNCEMENT : BREXIT : IMPLICATIONS ON MAIL AFTER THE UK'S EXIT FROM THE EU... HERE



Major US Postal Service data breach exposes 60m users

Competitors and other mail organisations around the world news and discussion.This is an open forum.
Post Reply
User avatar
TrueBlueTerrier
FORUM ADMINISTRATOR
Posts: 63158
Joined: 30 Dec 2006, 10:29
Gender: Male
Location: Proud to be part of the Union
Contact:

Major US Postal Service data breach exposes 60m users

Post by TrueBlueTerrier »

https://www.siliconrepublic.com/enterpr ... ata-breach" onclick="window.open(this.href);return false;

It was a busy week in the world of infosec with a major breach at the US Postal Service exposing data of 60m users.

In the build-up to the retail extravaganza that is Black Friday and Cyber Monday, the world’s biggest retailer at first denied it was hit by a major data breach, despite customers receiving emails stating as such.

The email, sent to a large number of Amazon account holders, claimed that the issue was fixed and that it was not the result of any customer’s actions. However, the e-commerce giant eventually admitted to TechCrunch it was on the receiving end of a breach, and that the names and email addresses of those exposed were obtained by hackers.

Broken USPS API exposes 60m users
A number of US Postal Service (USPS) users – equivalent to almost a fifth of the US population – found themselves on the end of a substantial data breach.

According to KrebsOnSecurity, a broken API within USPS’s mail tracker service called Informed Delivery allowed any user to see another user’s details. Brian Krebs appeared to confirm this with a copy of the API on his own site.

In a statement to KrebsOnSecurity, USPS said: “Out of an abundance of caution, the Postal Service is further investigating to ensure that anyone who may have sought to access our systems inappropriately is pursued to the fullest extent of the law.”

Krebs claimed that identity thieves are using this information to see what packages are being sent to users’ homes on what days, in order to exploit them.
All post by me in Green are Admin Posts.
Any post in any other colour is my own responsibility.
I am using an automatic grammar and spelling app, your original post if quoted may be amended by default. No judgement in your use of grammar or spelling is intended or meant.
Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests