The USPS Office of Inspector General found that the Postal Service was using several applications laded with vulnerabilities that could have led to a hack with a potential financial impact of over $1 billion.
For years, the United States Postal Service used several applications that had “catastrophic” bugs that could have allowed hackers to access “sensitive data,” according to a memorandum sent by the USPS Office of Inspector General earlier this year.
The memorandum, sent on July 27, identified “significant vulnerabilities” in six applications—four of which were defined “sensitive”—used in the USPS production environment for seven years. The Office of Inspector General wrote in the memo that they found 12 “common, well-known vulnerabilities that have been present for three years that could be exploited by an attacker utilizing publicly available methods”—in other words, unpatched bugs that hackers already know how to use to break into systems.