USPS, Amazon Weather Bad Data Days as Peak Season Begins

In the midst of the kickoff to the busiest shopping season of the year, news emerged that both the U.S. Postal Service and Amazon experienced data glitches that exposed customer information.

The USPS may have exposed the personal data of more than 60 million customers via a security hole, including access to information on when checks and other critical documents were set to arrive.

Amazon meanwhile told an unknown number of customers their names and email addresses were exposed due to a technical error on its ecommerce site.

“We’re contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error,” read an email from Amazon customer service, according to Silicon Republic. “The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.”

“We have fixed the issue and informed customers who may have been impacted,” Amazon told TechCrunch, providing no further details.

The USPS incident was caused by a broken application programming interface (API) in its Informed Visibility service. The now ironically named service is an informational platform used by companies to check the status of letters and packages inducted into the USPS system for delivery.

Information including account numbers, email addresses, street addresses and phone numbers were put at risk. Potentially, any USPS.com account holder could have viewed other users’ private data.

“The incident reported last week was not a breach of customers’ data,” said USPS spokesman David Partenheimer. “It was a system vulnerability which was quickly mitigated by the Postal Service. We have no information to indicate that any customer data was exploited before we mitigated the vulnerability.”

While media reports said the USPS only took action after the vulnerability was brought to its attention recently by cybersecurity expert Brian Krebs, adding it was ignored when an anonymous researcher came forward in 2017, Partenheimer denied this. “The Post Office is not aware of being contacted about this issue a year ago,” he said.

“Any information suggesting criminals have tried to exploit potential vulnerabilities in our network is taken very seriously,” Partenheimer continued. “Out of an abundance of caution, the Postal Service is further investigating to ensure that anyone who may have sought to access our systems inappropriately is pursued to the fullest extent of the law.”

Partner Content

Hincapie Sportswear Finds Omnichannel Success in the Cloud - Netsuite
For more and more companies, a cloud-based unified data solution is the way to make this happen. Custom cycling apparel maker Hincapie Sportswear has leveraged this capability to gain greater visibility into revenue streams, turning opportunities into sales more quickly while gaining overall operating efficiency. Download this ecommerce special report from Multichannel Merchant to more.
The Gift of Wow: Preparing your store for the holiday season - Netsuite
Being prepared for the holiday rush used to mean stocking shelves and making sure your associates were ready for the long hours. But the digital revolution has changed everything, most importantly, customer expectations. Retailers with a physical store presence should be asking themselves—what am I doing to wow the customer?
3 Critical Components to Achieving the Perfect Order - NetSuite
Explore the 3 critical components to delivering the perfect order.
Streamlining Unified Commerce Complexity - NetSuite
Explore how consolidating multiple systems through a cloud-based commerce platform provides a seamless experience for both you, and your customer.