https://www.cnet.com/news/usps-reportedly-fixes-website-bug-that-exposed-data-of-60m-users/

USPS representatives didn't immediately respond to a request for confirmation and comment on Thanksgiving Day.

Krebs said the flaw stemmed from an authentication weakness in an application program interface, or API, tied to its Informed Visibility program, which lets users receive a scan of all incoming mail before it's delivered to their address. That program was the subject of a US Secret Service advisory Krebs tracked down earlier this month warning that criminals could use the program to target people for credit card fraud.