The US postal service recently patched a security exposure as follows:

A security hole in a mail preview program from the U.S. Postal Service could have exposed the data of more than 60 million customers, giving third parties access to information including when critical documents and checks are scheduled to arrive in people’s mailboxes.

Anonymous researchers discovered the weakness in the “Informed Visibility” service, noting that a web component called an API pretty much allowed anyone with a USPS account to view details of other users and, in some cases, to modify those people’s account details.

The USPS says it has patched the security hole. The anonymous researcher who originally pointed to the issue claims to have alerted postal authorities about the issue more than a year ago. The security flaw also lets any user find the account details of other users, including email address, user ID, phone number and more. The postal service says it has no information that any customer records were accessed.