23 Nov USPS Fixes Year-Old Website Flaw
The US Postal Service fixed a flaw this week on their website which would have exposed the data of around 60 million users.
The vulnerability was already reported to the postal service around a year ago by Krebs on Security who said that an unnamed security researcher had discovered the bug. Krebs said that they never got a response on the matter.
The website bug would have allowed anyone logged into usps.com to access the sensitive data of other users, such as email addresses, usernames, user IDs, account numbers, street addresses, phone numbers, authorized users, and mailing campaign data.
Source: ZDNet
