USPS shared customer postal addresses with Meta, LinkedIn and Snap
The U.S. Postal Service inadvertently shared customer addresses with tech giants through hidden code on its website. USPS took action after TechCrunch's alert. Data extent and duration are unclear. USPS investigates data sharing.
Read original article
The U.S. Postal Service was found to have shared customer postal addresses with tech giants Meta, LinkedIn, and Snap through hidden data-collecting code on its website. This information was collected from logged-in USPS Informed Delivery customers, including their postal addresses and tracking numbers. USPS claimed to be unaware of this practice and took immediate action to address the issue after being notified by TechCrunch. The extent of the data collection and the duration it occurred for remains unclear. USPS stated that the collected data was not sold or provided to third parties, and they were investigating how this information was shared without their knowledge. TechCrunch's investigation revealed that other tech companies like Bing, Google, Pinterest, and Snap also received tracking data from the USPS website. The USPS spokesperson did not confirm if they would request the deletion of the collected data from these companies. This incident adds USPS to a list of organizations facing scrutiny for sharing user data with tech and advertising companies, highlighting ongoing concerns about data privacy and security.
Related
My Memories Are Just Meta's Training Data Now
Meta's use of personal content from Facebook and Instagram for AI training raises privacy concerns. European response led to a temporary pause, reflecting the ongoing debate on tech companies utilizing personal data for AI development.
Law enforcement is spying on Americans' mail, records show
The U.S. Postal Service shares Americans' mail details with law enforcement through the mail covers program, aiding investigations without court orders. Critics raise privacy concerns, while the Postal Service defends the program's legality and limited scope.
Post Office lawyers held secret meeting with judge to stop disclosure
Post Office lawyers held a secret meeting with a judge to prevent disclosure in a criminal trial. The meeting occurred in 2013, influencing the handling of a sub-postmaster's theft case involving the Horizon system. The inquiry exposes concerns over compliance and transparency in Post Office prosecutions.
Microsoft tells yet more customers their emails have been stolen
Microsoft notifies customers of email theft by Russian criminals, expanding breach scope. Compromised accounts' correspondents informed. US auto dealers face disruptions from cyber incident linked to CDK software. Rabbit R1 AI devices' security flaw disclosed. EU sanctions Russians for cyber attacks.
AT&T says hackers stole records of nearly all cellular customers calls and texts
Hackers accessed AT&T's system, obtaining call and text records from May to Oct. 2022 and Jan. 2023. The breach did not expose content or personal data but included sensitive phone numbers. AT&T is collaborating with law enforcement to investigate and enhance security measures. Senator Wyden highlighted the need for accountability in data breaches.
- Many commenters criticize the negligence of USPS in allowing tracking pixels, emphasizing the privacy concerns and the need for better oversight.
- There is a strong call for comprehensive data privacy laws in the U.S., similar to GDPR, to address systemic privacy issues.
- Some users express frustration with the government's practice of sharing or selling citizens' addresses, questioning its legality and ethics.
- Several comments highlight the broader issue of pervasive data tracking and sharing by various entities, including banks, local governments, and tech companies.
- There are mentions of the inadequacy of current measures to protect sensitive data, with some blaming the incompetence of leadership and systemic issues.
27 commentsOf course, it's terrible from a privacy point of view, but let's be honest and call things as they are.
This is the real reason why TikTok is a national security risk. Their ad platform, widely used by Shopify, Adobe, Segment, WooCommerce, etc., collects intimate data on non-TikTok users: prescriptions, medical appointments, loan applications, credit card details. Millions who'll never use TikTok, Facebook, etc. are still subject to this data collection in the name of "converting users to customers".
https://abs.codes/blog/2024/03/tiktoks-all-seeing-eye-survei...
At the policy level, we urgently need a national data privacy act to address these types of systemic issues. At the technology level, things like zero-knowledge advertising could mitigate a lot of the user privacy risk.
Seems pretty convenient to blame the people using the tool.
> Our system is designed to filter out potentially sensitive data it is able to detect.”
And just how much attention is spent making that work well? Or is that really just an afterthought with no ongoing improvements so that they can say they tried?
USPS has an authenticated page where they know their customers. Why wouldn’t they just analyze THEIR OWN logs instead of relying on third-party advertising companies?
Was this really an accident?
When you order, you enter their own address and name, so neither the delivery company, nor the web shop, have your details.
Shit like this is the only "uncertainty"
I didn’t do it once when I had a short stint and that addrsss isn’t leaked…
Those images are part of their 'informed delivery' service which you can sign up for.
I've noticed on a number of occasions that the contents of the envelope were noticeable without enhancement and legible with simple contrast/level adjustment.
Still it’s a major oversight on their part. I wonder if the tracking pixel is loaded as part of “social login” or “social media integration”.
Yet another reason I don’t use that shit, and heavily block them across all sites.
Please stop denying the fact that you could have disabled usps when they sent the sensitive data. But why would facebook/meta do it when they need so data.
And, why is USPS even using meta etc..
Related
My Memories Are Just Meta's Training Data Now
Meta's use of personal content from Facebook and Instagram for AI training raises privacy concerns. European response led to a temporary pause, reflecting the ongoing debate on tech companies utilizing personal data for AI development.
Law enforcement is spying on Americans' mail, records show
The U.S. Postal Service shares Americans' mail details with law enforcement through the mail covers program, aiding investigations without court orders. Critics raise privacy concerns, while the Postal Service defends the program's legality and limited scope.
Post Office lawyers held secret meeting with judge to stop disclosure
Post Office lawyers held a secret meeting with a judge to prevent disclosure in a criminal trial. The meeting occurred in 2013, influencing the handling of a sub-postmaster's theft case involving the Horizon system. The inquiry exposes concerns over compliance and transparency in Post Office prosecutions.
Microsoft tells yet more customers their emails have been stolen
Microsoft notifies customers of email theft by Russian criminals, expanding breach scope. Compromised accounts' correspondents informed. US auto dealers face disruptions from cyber incident linked to CDK software. Rabbit R1 AI devices' security flaw disclosed. EU sanctions Russians for cyber attacks.
AT&T says hackers stole records of nearly all cellular customers calls and texts
Hackers accessed AT&T's system, obtaining call and text records from May to Oct. 2022 and Jan. 2023. The breach did not expose content or personal data but included sensitive phone numbers. AT&T is collaborating with law enforcement to investigate and enhance security measures. Senator Wyden highlighted the need for accountability in data breaches.