Radio Krakow reported a huge data leak from the InPost database. Private contact details of the company's clients could be obtained by logging in to your account. InPost claims that the incident concerned only 0.04 percent. users, but these numbers have nothing to do with the real scale of the problem.

Incidents like this do not happen often. Although InPost reacted to reporting in a very expressive pace, downplaying the leak, and with it we are dealing with, puts the company in an extremely bad light. One of the reporters of Radio Krakow after logging into his account, InPost gained the opportunity to observe every subsequent order in the system. I would add that it is about orders other than reporter clients. Among the information to which access was obtained, there were contact details , that is, goods protected by various regulations, for example RODO. The matter is serious, though not everyone is willing to admit it.

InPost commented on the data leakage issue The company claims that the problem concerned only 0.04% of all users , or at least that InPost was identified. I would not want to undermine the company's message and I am far from it, but the whole thing seems to be too gentle. InPost assured that IT teams reacted to the notification immediately, thanks to which appropriate actions were taken and further unauthorized data was obtained, but the fact remains … private information has been or could have been made public and the company should inform every client about this possibility separately. The case was reported to the Office for Personal Data Protection , which is of course the responsibility of the company in which the information leaked unauthorized. Source 1 , 2