U.S. Postal Service has addressed a gap security that allowed a person with an account at usps.com to not only view but in some cases to modify account details on behalf of more than 60 million users of a system called Informed Visibility.
An anonymous researcher who discovered the flow informed the #USPS a year ago but has not received any response nor a fix to the problem. Due to the danger that to security flow posed, the same researcher contacted KrebsOnSecurity but also informed the journalist that he/she wished continued to remain anonymous.
KrebsOnSecurity contacted the USPS after confirming his findings, and USPS promptly addressed the issue.
Thursday, November 22, 2018
60 Million USPS Users' Data Left Exposed Over A Year Despite The Notification By A Researcher.
Labels:
Informed Visibility,
KrebsOnSecurity,
Security,
USPS
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment