The federal authorities company chargeable for granting patents and logos is alerting hundreds of filers whose non-public addresses had been uncovered following a second knowledge spill in as a few years.
The U.S. Patent and Trademark Workplace (USPTO) mentioned in an e mail to affected trademark candidates this week that their non-public domicile tackle — which might embrace dwelling tackle — appeared in public data between August 23, 2023 and April 19, 2024.
U.S. trademark regulation requires that candidates embrace a personal tackle when submitting their paperwork with the company to forestall fraudulent trademark filings.
USPTO mentioned that whereas no addresses appeared in common searches on the company’s web site, about 14,000 candidates’ non-public addresses had been included in bulk knowledge units that USPTO publishes on-line to assist tutorial and financial analysis.
The company took blame for the incident, saying the addresses had been “inadvertently uncovered as we transitioned to a brand new IT system,” in accordance with the e-mail to affected candidates, which Prime Time News24 obtained. “Importantly, this incident was not the results of malicious exercise,” the e-mail mentioned.
Upon discovery of the safety lapse, the company mentioned it “blocked entry to the impacted bulk knowledge set, eliminated information, applied a patch to repair the publicity, examined our answer, and re-enabled entry.”
If this sounds remarkably acquainted, USPTO had an identical publicity of candidates’ tackle knowledge final June. On the time, USPTO mentioned it inadvertently uncovered about 61,000 candidates’ non-public addresses in a years-long knowledge spill partly by means of the discharge of its bulk knowledge units and informed affected people that the problem was fastened.
When reached for remark Wednesday, USPTO’s deputy chief data officer Deborah Stephens informed Prime Time News24 that the brand new publicity was found as a part of the company’s efforts to modernize its IT infrastructure.
“The repair we had in place was all in place, and stays in place,” mentioned Stephens. “As we’re modernizing and taking the legacy methods from the totally different a long time of requirements and protocols, the system error occurred within the creation and modernization of that bulk knowledge set.”
Stephens mentioned USPTO put in place new checks when collating and publishing its bulk knowledge units that embrace “error correction with file creation,” which ought to forestall future spills of non-public data.
“We’re taking a look at our legacy-to-modern means of having the ability to establish methods wherein we are able to enhance our IT improvement, processing and supply by taking extra of a holistic strategy to our knowledge, and particularly externally or publicly going through methods,” Stephens mentioned.
USPTO informed affected people that the company has “no cause to imagine” that uncovered addresses have been misused.
