KOMMONSENTSJANE – USPS SUFFERS MAJOR BREACH – LEAVING MILLIONS EXPOSED.

Have you ever seen anything that the government is handling run smoothly? This is a good example. Did one of the employees sell our information for Christmas money?

Not the first time. My thinking is that the Obama leftovers do this for extra change.

PC Pitstop TechTalk

USPS Suffers Major Breach, Leaving Millions Exposed

November 27, 2018  Kayla Elliott

60 Million Users Exposed Due to USPS’s Overlooked Security Breach

The United States Postal Service (USPS) just fixed a security vulnerability that previously allowed anyone who has an account at usps.com to view account details for approximately 60 million other users. Worse, in some cases users were able to access and modify details for accounts they should not have had access to. Just think of the damage someone could do with that power!

According to Krebs on Security, this vulnerability is over a year old. The researcher who originally found it reportedly informed the USPS over a year ago, without a resolution. Once Brian Krebs confirmed the vulnerability and reached out to USPS, a fix was promptly issued.

The security vulnerability was also overlooked by the Office of Inspector General, which recently conducted an IT audit. The audit findings were primarily focused on the encryption process of data going from point A to point B. However, they missed the lack of controls within the usps.com website as a whole. Prior to the fix, a user who had logged into their own account could abuse that access. Now, a second authentication piece has been added in order to authorize certain account changes.

It does not appear user passwords were leaked as a result of this vulnerability. However, it would be wise to review account information to ensure accuracy.

kommonsentsjane

About kommonsentsjane

Enjoys sports and all kinds of music, especially dance music. Playing the keyboard and piano are favorites. Family and friends are very important.