Security News > 2022 > November > Royal Mail customer data leak shutters online Click and Drop
A technical SNAFU shut down the UK's Royal Mail Click and Drop website on Tuesday after a security "Issue" allowed some customers to see others' order information.
The data leak started around 13:00 GMT, and according to an alert posted on Click and Drop's status page, Royal Mail shut down the website about an hour later.
We have been made aware there was an issue affecting Click & Drop that meant some customers could see other customers' orders.
In subsequent alerts, Royal Mail assured customers that its engineers continued to work on a fix, and hoped to have the site back online "As soon as possible." The service, which allows customers to print labels and pay for postage online, and then track packages until they reach their destination, vowed that it was "Treating this as the highest priority."
Later, Royal Mail suggested users resort to actual paper "Emergency" order forms instead of the online versions.
Royal Mail did not immediately respond to The Register's questions about how many customers' data was exposed, or whether the incident was due to a mistake or something more malicious.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/11/03/royal_mail_customer_data_leak/