The U.S. Patent and Trademark Office (USPTO) is facing scrutiny once again after a second data spill in as many years exposed the private addresses of thousands of trademark applicants. The agency sent out emails this week to notify affected individuals that their private domicile addresses, including home addresses, were inadvertently made public between August 23, 2023, and April 19, 2024.
This breach, which occurred as the agency transitioned to a new IT system, involved about 14,000 applicants whose addresses were included in bulk datasets published online by USPTO for research purposes. While the agency stated that the addresses did not appear in regular searches on their website, the exposure was a result of a system error rather than malicious activity.
Deborah Stephens, USPTO’s deputy chief information officer, explained that the agency has implemented new checks and error correction measures to prevent future data spills. Despite the incident, USPTO assured affected individuals that there is no evidence to suggest that their exposed addresses have been misused.
This latest breach comes on the heels of a similar incident last June, where the private addresses of 61,000 trademark applicants were inadvertently exposed. USPTO’s efforts to modernize its IT infrastructure have led to these security lapses, prompting the agency to reevaluate its processes to safeguard sensitive information in the future.