Security News > 2022 > November > Royal Mail customer data leak shutters online Click and Drop
A technical SNAFU shut down the UK's Royal Mail Click and Drop website on Tuesday after a security "Issue" allowed some customers to see others' order information.
The data leak started around 13:00 GMT, and according to an alert posted on Click and Drop's status page, Royal Mail shut down the website about an hour later.
We have been made aware there was an issue affecting Click & Drop that meant some customers could see other customers' orders.
In subsequent alerts, Royal Mail assured customers that its engineers continued to work on a fix, and hoped to have the site back online "As soon as possible." The service, which allows customers to print labels and pay for postage online, and then track packages until they reach their destination, vowed that it was "Treating this as the highest priority."
Later, Royal Mail suggested users resort to actual paper "Emergency" order forms instead of the online versions.
Royal Mail did not immediately respond to The Register's questions about how many customers' data was exposed, or whether the incident was due to a mistake or something more malicious.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/11/03/royal_mail_customer_data_leak/
Related news
- Home Depot confirms worker data leak after miscreant dumps info online (source)
- Shopping platform PandaBuy data leak impacts 1.3 million users (source)
- Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- Cerebral to pay $7 million settlement in Facebook pixel data leak case (source)
- UnitedHealth confirms it paid ransomware gang to stop data leak (source)