On Thursday we told you that fifty-two @usps.gov email addresses had been found in the Ashley Madison registration database after hackers made the information available online. Since then, we’ve been able to review the actual addresses and found a number of duplicates in the list, dropping the number of unique addresses to less than 40.
The bad news is that along with the @usps.gov emails appearing on the list, we also found five @uspis.gov email addresses. That’s the domain used by the postal service’s law enforcement arm, the US Postal Inspection Service.
Aside from the ethical issues raised by a law enforcement officer accessing the site, there’s also the danger that an inspector, possibly with a high level security clearance, might run the risk of blackmail. While a regular postal employee found to have accessed the site can probably expect a discussion, and possibly the loss of internet access, things are likely to be more serious for a Postal Inspector found to have misused his official email account.
We won’t be releasing any of the email addresses here, since we have no way of knowing for sure how reliable the information is, since the email addresses don’t appear to have been verified by the site: search on “whitehouse.gov”, for example, and you’ll find both “email@example.com” and “firstname.lastname@example.org”, along with numerous variations. It’s entirely possible that some of the email addresses were registered maliciously by third parties.
Presumably, the Inspection Service and the OIG will be investigating, and reviewing logs of internet activity to determine whether there was any actual wrongdoing. (For what its worth, we didn’t find any OIG email addresses in the listings we’ve seen).