The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com. The vulnerability is tied to an authentication weakness in an application programming interface (API) for the USPS “Informed Visibility” program designed to help business customers track mail in real-time. The attacker could have pulled off email addresses, usernames, user IDs, account numbers, street addresses, phone numbers, authorized users and mailing campaign data from as many as 60 million USPS customer accounts.
Source: https://thehackernews.com/2018/11/usps-data-breach.html