Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Twin Cities
Tampa Bay news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa Bay
Charlotte news in your inbox
Catch up on the most important stories affecting your hometown with Axios Charlotte
Photo: Dünzl/ullstein bild via Getty Image
A glitch in the Post Office's internet tools left users' information accessible to programmers working on apps, independent security journalist Brian Krebs reports.
The big picture: At issue is a tool to integrate apps with the Post Office's network known as an application program interface (API). Per the report, any logged in user could apparently access and in some cases change other users' information.
Details: The API integrates apps with the Post Office's "Informed Visibility" portal, which helps bulk mail senders track and analyze mail.
- The leak exposed users' "email address, username, user ID, account number, street address, phone number, authorized users, mailing campaign data and other information," wrote Krebs.
- The exposure was reportedly first discovered last year, but the researcher who found it had trouble contacting the Postal Service. Krebs contacted USPS on his behalf, and the glitch has been patched.
Who should be worried: We don't know that anyone maliciously took advantage of this glitch, and therefore we don't know if anyone is in any danger. Passwords do not appear to have been exposed by the breach.