Prolonged data breach impacts US Patent and Trademark Office

The U.S. Patent and Trademark Office has disclosed that nearly 61,000 trademark applicants had their private domicile addresses exposed in public records from February 2020 to March 2023 as a result of an issue in one of its APIs, according to TechCrunch. Discovery of the inadvertent data leak, which has impacted nearly 3% of trademark filers over the three-year period, has prompted the immediate blocking of access to all of the agency's non-critical APIs, as well as the takedown of bulk data products, said the UPSTO, which noted that the issue has been addressed on April 1. "As indicated in our notice to impacted filers, while domicile addresses are required under trademark law, we took the voluntary step of masking this information in 2020 as part of our efforts to secure the data that the public accesses directly and frequently. We regrettably failed to locate some of the more technical exit points and properly mask the data exported from those points," said USPTO spokesperson Paul Fucito.