Data Breach: US Patent and Trademark Office Confirms Private Addresses of About 61,000 Filers in Years-Long Data Leak
In a notice sent to affected trademark applicants, the USPTO stated that their private domicile address -- often their home address -- inadvertently appeared in public records between February 2020 and March 2023, reports TechCrunch.
San Francisco, June 29: The US Patent and Trademark Office (USPTO) responsible for granting patents and trademarks, has confirmed that it unintentionally exposed the private addresses of about 61,000 filers in a years-long data leak.
In a notice sent to affected trademark applicants, the USPTO stated that their private domicile address -- often their home address -- inadvertently appeared in public records between February 2020 and March 2023, reports TechCrunch. Pharma Giant Data Breach: US-Based Pharmacy Giant PharMerica Discloses Data Breach Affecting 6 Million Patients.
The problem was found in one of the USPTO's APIs, which allows apps used by both agency staff and filers to access a system for checking the status of pending and registered trademarks.
“When we discovered the issue, we blocked access to all USPTO non-critical APIs and took down the impacted bulk data products until a permanent fix could be implemented,” the notice said.
The USPTO also mentioned that the address data was also found in bulk datasets that the agency publishes online to aid academic and economic research, the report said. US Pilot Credentials Hack: American and Southwest Airlines Disclose Data Breaches Affecting Pilots.
“As indicated in our notice to impacted filers, while domicile addresses are required under trademark law, we took the voluntary step of masking this information in 2020 as part of our efforts to secure the data that the public accesses directly and frequently,” USPTO spokesperson Paul Fucito was quoted as saying.
According to the USPTO, the data leak affected around 3 per cent of all applications filed during the three-year period. The incident was resolved on April 1 after domicile addresses were masked and API vulnerabilities were fixed, the report mentioned.
Meanwhile, PharMerica, a leading pharmacy service provider in the US, which operates in more than 2,500 facilities across the country and offers over 3,100 pharmacy and healthcare programmes, has disclosed a data breach that compromised the personal information of nearly six million patients.
(The above story first appeared on LatestLY on Jun 29, 2023 12:54 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).