A recent article in Yahoo News discusses confirmed leaks by the USPTO of filers’ data, namely private domicile address, which may include their home address which “appeared in public records between August 23, 2023 and April 19, 2024.” The USPTO allows for filer’s to enter data regarding their address in a private section to curb fraudulent filings, while other information address information may be publically accessible, including attorney correspondent address and information.
The USPTO revealed that a problem was identified within one of its APIs, enabling applications used by both agency personnel and applicants to connect to a system for verifying the status of pending and registered trademarks. Additionally, the USPTO mentioned that the address data was also present in comprehensive datasets published online by the agency to support academic and economic research.
Upon discovering the issue, the USPTO promptly restricted access to all non-critical APIs and withdrew the affected bulk data products until a permanent solution could be implemented. An affected applicant noted, “When we discovered the issue, we blocked access to all USPTO non-critical APIs and took down the impacted bulk data products until a permanent fix could be implemented.”
When contacted for further information, USPTO spokesperson Paul Fucito elaborated on the matter, stating, “As indicated in our notice to impacted filers, while domicile addresses are required under trademark law, we took the voluntary step of masking this information in 2020 as part of our efforts to secure the data that the public accesses directly and frequently.”
