The U.S. Patent and Trademark Office (USPTO), the federal agency responsible for granting patents and trademarks, has confirmed a significant data leak that exposed the private addresses of approximately 61,000 filers. The breach, which spanned from February 2020 to March 2023, was due to an issue discovered in one of the USPTO’s APIs. This API is used by agency staff and filers to check the status of pending and registered trademarks.
The leaked data included the private domicile addresses of the filers, which are often their home addresses. These addresses are required by U.S. law to be included in trademark applications as a measure to combat fraudulent filings. The USPTO stated that the leaked addresses also appeared in bulk datasets published online by the agency for academic and economic research purposes.
Upon discovering the issue, the USPTO blocked access to all non-critical APIs and removed the impacted bulk data products until a permanent fix could be implemented. The agency has assured that the incident was resolved on April 1, with domicile addresses being masked and API vulnerabilities corrected. The USPTO has no reason to believe that the leaked data has been misused.
USPTO spokesperson Paul Fucito provided further details, stating, “We regrettably failed to locate some of the more technical exit points and properly mask the data exported from those points. We apologize for our mistake and will do better to prevent such an incident from happening again, while also preserving our ability to crack down on the historic amount of filing fraud we’re seeing originate overseas.”
The data leak affected about 3% of the total number of applications filed during the three-year period. The USPTO has taken full responsibility for the incident and has committed to improving its data security measures to prevent such occurrences in the future.
LAStartups.com is a digital lifestyle publication that covers the culture of startups and technology companies in Los Angeles. It is the go-to site for people who want to keep up with what matters in Los Angeles’ tech and startups from those who know the city best.