Security breaches are always the most exciting headline in the news. People love talking about hackers and the black market because it’s really cool and sleek, although the reality is that hacking is less about hackers and more about this.
That is what makes the US Postal Service API security flaw particularly interesting. Specifically, this weakness allowed people to access data their account wasn’t supposed to see by simply editing a wildcard search by hand. This meant that anyone could retrieve all the records on any sort of data set. So how did this happen?