U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf.

https://krebsonsecurity.com/2018/11/usps-site-exposed-data-on-60-million-users/