The US Postal Service has taken an entire year to fix a security vulnerability on the usps.com website that revealed data of all 60 million of its users. Anyone could see the personal account information of these users including details such as usernames and street addresses. An independent researcher had reportedly identified this security vulnerability over a year ago.
The USPS apparently took its sweet time in patching this vulnerability as Krebs on Security reports that USPS only applied the patch earlier this week. This means that the vulnerability left the user data of 60 million people completely exposed for an entire year.