Just in time for the holidays, on November 26th, a researcher found the United States Postal Service offered a feature on their site that was less than merry. The feature exposed information of 60 million users for an undisclosed amount of time. Keep reading for everything you need to know.
An anonymous researcher showed anyone logged into USPS’ InformedDelivery system (to track and view your mail before it arrives) was vulnerable. The users of this system could effectively view any other user’s requests and tracking. USPS finally patched the flaw, but there remains no recognition of the breach on their site.
With 2019 around the corner, breaches like this are becoming more and more common. Improve your digital security with a password manager. Dashlane will save you the stress of breaches like these by notifying you immediately and helping you change passwords across all your accounts with a click.
What data was leaked?
To access InformedDelivery you have to create a user account. Vulnerable data leaked included usernames, user IDs, email addresses, account numbers, addresses, phone numbers, and real-time data. Yes, this means online thieves might intercept your physical packages. Following the Amazon mishap, it seems logistics companies are going through a rough patch this holiday season.
Hacker News reported the researcher had actually flagged this security flaw last year but USPS did nothing about it.
What can you do?
- Breaches are a part of our lives now, we can’t prevent them but we can mitigate impact. Click here for “How To Recover After A Data Breach”.
- Download Mozilla Quantum. This latest Firefox browser flags sites breached within the last year while you’re on them. You can then make informed decisions of where to put your information.
- Change your passwords on your accounts. Check out this exclusive offer from Dashlane to make it easier!
- Monitor your financial accounts, make sure you made all those purchases!
Share this on social media if your family and friends use USPS!