Nov 21, 2018

Report: Leaky Post Office interface exposed 60 million users' data

Photo: Dünzl/ullstein bild via Getty Image

A glitch in the Post Office's internet tools left users' information accessible to programmers working on apps, independent security journalist Brian Krebs reports.

The big picture: At issue is a tool to integrate apps with the Post Office's network known as an application program interface (API). Per the report, any logged in user could apparently access and in some cases change other users' information.

Details: The API integrates apps with the Post Office's "Informed Visibility" portal, which helps bulk mail senders track and analyze mail.

  • The leak exposed users' "email address, username, user ID, account number, street address, phone number, authorized users, mailing campaign data and other information," wrote Krebs.
  • The exposure was reportedly first discovered last year, but the researcher who found it had trouble contacting the Postal Service. Krebs contacted USPS on his behalf, and the glitch has been patched.

Who should be worried: We don't know that anyone maliciously took advantage of this glitch, and therefore we don't know if anyone is in any danger. Passwords do not appear to have been exposed by the breach.

Go deeper

Zach Dorfman of the Aspen Institute
20 mins ago - Politics & Policy

The national security risks hiding in Trump's debts

Illustration: Aïda Amer/Axios

The blockbuster New York Times report on President Trump’s taxes reveals that the president is $421 million in debt, with more than $300 million coming due during Trump’s potential second term — and the identities of the president’s creditors remain unknown.

Why it matters: If some, or all, of this debt is held by foreign actors, it raises serious national security implications.

Go deeper (2 min. read)Arrow
Zachary Basu
23 mins ago - World

House report: U.S. intelligence agencies have failed to adapt to China threat

Xi Jinping and other Chinese politicians and delegates listen to the national anthem duirng the closing of the 19th Communist Party Congress in 2017. Photo: Lintao Zhang/Getty Images

The House Intelligence Committee on Wednesday released a report finding that the U.S. intelligence community has failed to adapt to the growing threat from China, arguing that it will struggle to compete on the global stage for decades to come if it does not implement major changes.

The big picture: The 200-page report, based on thousands of analytic assessments and hundreds of hours of interviews with intelligence officers, determined that the intelligence community's focus on counterterrorism after 9/11 allowed China "to transform itself into a nation potentially capable of supplanting the United States as the leading power in the world."

Go deeper (1 min. read)Arrow
Ursula Perano
Updated 26 mins ago - Politics & Policy

Tim Scott says Trump "misspoke" when he told Proud Boys to "stand by"

Photo: Bonnie Cash/Pool/AFP via Getty Images

Sen. Tim Scott (R-S.C.) told reporters on Wednesday that he believes President Trump "misspoke" when he told the far-right "Proud Boys" group to "stand back and stand by" in response to a question about condemning white supremacy at the first presidential debate.

Catch up quick: Moderator Chris Wallace asked Trump on Tuesday, "Are you willing, tonight, to condemn white supremacists and militia groups and to say that they need to stand down?" Trump asked who specifically he should condemn, and then responded, "Proud Boys, stand back and stand by. But I'll tell you what, somebody's got to do something about antifa and the left."

Go deeper (1 min. read)Arrow

Get Axios AM in your inbox

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Subscription failed
Thank you for subscribing!