Breach cyber

United States Postal Service

Aug 17, 2024 1 min read
United States Postal Service

The United States Postal Service (USPS) faced a massive smishing scam where a Chinese-language group tricked users into entering credit card details. Security researcher Grant Smith uncovered the breach involving 438,669 credit cards and over 1.2 million pieces of information. The victims, including military and government affiliates, were exposed to potential financial fraud. Smith’s investigation revealed server vulnerabilities, leading to a coordinated effort with USPS to mitigate the threat.

Source: https://www.wired.com/story/usps-scam-text-smishing-triad/

TPRM report: https://scoringcyber.rankiteo.com/company/usps

"id": "usp001081724",
"linkid": "usps",
"type": "Breach",
"date": "8/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Over 1.2 million',
                        'industry': 'Postal Services',
                        'location': 'United States',
                        'name': 'United States Postal Service (USPS)',
                        'type': 'Government'}],
 'attack_vector': 'Social Engineering',
 'data_breach': {'number_of_records_exposed': 1200000,
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Credit Card Details',
                                              'Personal Information']},
 'description': 'The United States Postal Service (USPS) faced a massive '
                'smishing scam where a Chinese-language group tricked users '
                'into entering credit card details. Security researcher Grant '
                'Smith uncovered the breach involving 438,669 credit cards and '
                'over 1.2 million pieces of information. The victims, '
                'including military and government affiliates, were exposed to '
                'potential financial fraud. Smith’s investigation revealed '
                'server vulnerabilities, leading to a coordinated effort with '
                'USPS to mitigate the threat.',
 'impact': {'data_compromised': ['Credit Card Details', 'Personal Information'],
            'payment_information_risk': 'High'},
 'motivation': 'Financial Fraud',
 'threat_actor': 'Chinese-language group',
 'title': 'USPS Smishing Scam',
 'type': 'Smishing Scam',
 'vulnerability_exploited': 'Server Vulnerabilities'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Helsinki

public 1 min read
A data breach affecting Helsinki, Finland’s capital and largest employer, exposed sensitive personal data of over 300,000 people.…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.