The federal government agency responsible for granting patents and trademarks is alerting thousands of filers whose private addresses were exposed following a data leak for the second time in as many years.
The US Patent and Trademark Office (USPTO) said in an email this week to affected trademark applicants that their private domicile address – which may include their home address – appears in public records between August 23, 2023 and April 19, 2024. Gave.
US trademark law requires that applicants include a private address when filing their paperwork with the agency to prevent fraudulent trademark filings.
The USPTO said that although routine searches on the agency’s website did not show up any addresses, the private addresses of approximately 14,000 applicants were included in the bulk dataset. USPTO publishes online To assist in educational and economic research.
According to emails to affected applicants obtained by TechCrunch, the agency took blame for the incident, saying the addresses were “inadvertently exposed as we transitioned to a new IT system.” “Importantly, this incident was not the result of malicious activity,” the email said.
Upon discovering the security breach, the agency said it “blocked access to the affected bulk data set, deleted the files, applied a patch to fix the exposure, tested our solution, and restored access.” Enabled by.”
If this sounds remarkably familiar, the USPTO did a similar expose of applicants’ address data last June. At the time, the USPTO said this inadvertently exposed The private addresses of approximately 61,000 applicants in years’ worth of data were partially exposed through the release of its bulk dataset, and it told affected individuals that the problem had been fixed.
Reached for comment on Wednesday, USPTO Deputy Chief Information Officer Deborah Stephens told TechCrunch that the new exposure was discovered as part of efforts to modernize the agency’s IT infrastructure.
“All the improvements we made were in place and remain in place,” Stephens said. “As we are modernizing and taking legacy systems from different decades of standards and protocols, a system error occurred in the creation and modernization of that bulk data set.”
Stephens said the USPTO has implemented new checks when compiling and publishing its bulk data sets, including “error correction with file creation”, to prevent the spread of personal information in the future.
“We are looking at our legacy-to-modern process to be able to identify ways in which we can improve our IT development, processing, And can improve distribution.” Stephens said.
The USPTO told the affected individuals that the agency has “no reason to believe” that the exposed addresses were misused.
us-patent-and-trademark-office-confirms-another-leak-of-filers-address-data-techcrunch
