Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 2 Vote(s) - 3 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News US Postal Service Left 60 Million Users Data Exposed For Over a Year
#1
[Image: images?q=tbn:ANd9GcRzYHYj290IUlHjNi4noaW...WSoiQuPPgQ]


    USPS, or the United States Postal Service, recently patched a vulnerability that exposed sensitive information belonging to 60 million users. 

  The vulnerability itself was tied to a weakness in the application programming interface. [API] The API was tied to the "Informed Visibility" program that allows users to track their packages in real time. According to the cyber security researcher [identity as of yet is unknown] the faulty API was programmed to accept any [wildcard] search parameters, this could have allowed anyone logged in to query the system and retrieve the account information of any other user.


   What's more is the reaction from USPS regarding the matter. The researcher reportedly found and reported the vulnerability to USPS, who then ignored it and left the hole open to anyone who wanted to appropriate the information. This was until last week, a journalist by the name of Brian Krebs, contacted USPS on behalf of the researcher. 


    USPS had this to say: 


    "We currently have no information that this vulnerability was leveraged to exploit customer records."


"Out of an abundance of caution, the Postal Service is further investigating to ensure that anyone who may have sought to access our systems inappropriately is pursued to the fullest extent of the law."



     That was the news, have a good week, and stay safe out there. 


     ----Mad-Architect
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Reply
#2
Well, That is shitty.
Who is responsible now?
Rs
* Thankful to Allah *
Kurdy
Reply
#3
USPS is responsible, they just don't seem to want to take it at face value
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Good Heavens! 10M Impacted in Pray.com Data Exposure News 0 3,107 11-21-2020, 04:21 AM
Last Post: News
Star News Iowa Hospital Alerts 60K Individuals Affected by June Data Breach News 0 519 11-20-2020, 02:36 AM
Last Post: News
Star News Data of 27 Million Texas Drivers Compromised in Breach News 0 405 11-15-2020, 11:41 AM
Last Post: News
Star News First the Good News: Number of Breaches Down 51% Year Over Year News 0 392 10-30-2020, 11:55 AM
Last Post: News
Star News For Sale: 3 Million Cards Used at Dickey’s Barbeque Pit News 0 443 10-17-2020, 11:32 AM
Last Post: News
Star News Data Breaches Exposes Vets, COVID-19 Patients News 0 445 09-16-2020, 02:03 AM
Last Post: News
Brick News Website Security Breach Exposes 1 Million DNA Profiles Mr.Kurd 0 556 07-25-2020, 10:25 PM
Last Post: Mr.Kurd
Thumbs Up News Citrix Bugs Allow Unauthenticated Code Injection, Data Theft Mr.Kurd 1 743 07-15-2020, 12:28 AM
Last Post: EthelCrife
Heart News Zoom Offers Custom Data Routing To Paid Users Mr.Kurd 0 1,029 04-16-2020, 06:47 AM
Last Post: Mr.Kurd
Star News Zoom will soon let some users choose which countries their data is routed through Mr.Kurd 0 738 04-14-2020, 09:07 AM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)