Nov 21, 2018

Report: Leaky Post Office interface exposed 60 million users' data

Photo: Dünzl/ullstein bild via Getty Image

A glitch in the Post Office's internet tools left users' information accessible to programmers working on apps, independent security journalist Brian Krebs reports.

The big picture: At issue is a tool to integrate apps with the Post Office's network known as an application program interface (API). Per the report, any logged in user could apparently access and in some cases change other users' information.

Details: The API integrates apps with the Post Office's "Informed Visibility" portal, which helps bulk mail senders track and analyze mail.

  • The leak exposed users' "email address, username, user ID, account number, street address, phone number, authorized users, mailing campaign data and other information," wrote Krebs.
  • The exposure was reportedly first discovered last year, but the researcher who found it had trouble contacting the Postal Service. Krebs contacted USPS on his behalf, and the glitch has been patched.

Who should be worried: We don't know that anyone maliciously took advantage of this glitch, and therefore we don't know if anyone is in any danger. Passwords do not appear to have been exposed by the breach.

Go deeper

Margaret Talev
14 mins ago - Politics & Policy

Axios-Ipsos poll: America’s big racial divide on police, virus

Data: Ipsos/Axios survey; Note: ±3.2% margin of error; Chart: Andrew Witherspoon/Axios

A new Axios-Ipsos poll finds that America has a massive racial gulf on each of our twin calamities — trust in police, and fear of the coronavirus.

  • 77% of whites say they trust local police, compared with just 36% of African Americans — one of many measures of a throbbing racial divide in Week 11 of the Axios-Ipsos Coronavirus Index, taken the week George Floyd was killed by a white policeman in Minneapolis.
Go deeper (2 min. read)Arrow
Rebecca Falconer
Updated 24 mins ago - Politics & Policy

Updates: George Floyd protests nationwide

Police officers wearing riot gear push back demonstrators outside of the White House on Monday. Photo: Jose Luis Magana/AFP via Getty Images

Protests over the death of George Floyd and other police-related killings of black people continued for a seventh day across the U.S., with President Trump threatening on Monday to deploy the military if the unrest continues.

The latest: Four police officers were struck by gunfire while standing near a line in St Louis on Monday after a peaceful demonstration, Police Chief John Hayden said early Tuesday. They were all taken to hospital with non-life threatening injuries. He said a small group of people had thrown rocks and fireworks at police officers.

Go deeper (2 min. read)Arrow
Axios
Updated 2 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 3 a.m. ET: 6,273,402 — Total deaths: 375,683 — Total recoveries — 2,697,873Map.
  2. U.S.: Total confirmed cases as of 3 a.m. ET: 1,811,277 — Total deaths: 105,147 — Total recoveries: 458,231 — Total tested: 17,340,682Map.
  3. Public health: Nearly 26,000 coronavirus deaths in nursing homes have been reported to federal health officials —Coronavirus looms over George Floyd protests across the country.
  4. Federal government: Trump lashes out at governors, calls for National Guard to "dominate" streets.
  5. World: Former FDA commissioner says "this is not the time" to cut ties with WHO.
  6. 🎧 Podcast: The virus didn't go away.
Other resources (<1 min. read)Arrow