Report: US Postal Service website flaw exposed data of 60M users

Photo by Justin Sullivan/Getty Images

The U.S. Postal Service on Monday said it has fixed a technical glitch on its website that may have exposed the personal information of more than 60 million customers.

The vulnerability impacted USPS Informed Visibility, an online portal that allows businesses and advertisers access to "near real-time" tracking of mail and package shipments. An anonymous cybersecurity researcher discovered that the service’s website had a flaw that allowed anyone with a USPS account to view or, in some cases, modify account information for other users, cybersecurity blog KrebsOnSecurity reported.

The USPS said it hasn’t uncovered any evidence to suggest that the flaw “was leveraged to exploit customer records.” The glitch has been corrected.

“Any information suggesting criminals have tried to exploit potential vulnerabilities in our network is taken very seriously,” the USPS said in a statement. “Out of an abundance of caution, the Postal Service is further investigating to ensure that anyone who may have sought to access our systems inappropriately is pursued to the fullest extent of the law.”