The United States Patent and Trademark Office (USPTO) recently issued a notice that a data security incident exposed domicile addresses of numerous trademark applicants who filed applications between February 2020 and March 2023. A copy of the first page of the notice is below: The USPTO stated that the incident occurred when a vulnerability in its API (Application Programming Interface) allowed unauthorized access to the trademark applicant’s domicile addresses. The vulnerability has since been fixed, but the USPTO has acknowledged that unauthorized individuals may have obtained the applicants’ domicile addresses.

The USPTO stated that the incident occurred when a vulnerability in its API (Application Programming Interface) allowed unauthorized access to the trademark applicants’ domicile addresses. The vulnerability has since been fixed, but the USPTO has acknowledged that unauthorized individuals may have obtained the applicants’ domicile addresses.

Surprisingly, the USPTO notified only trademark applicants who may have been affected by the incident. This means that trademark attorneys may not be aware that their clients have been affected by the data breach. If you received a notice from the USPTO about the data breach and you hired a trademark attorney to handle your trademark application, you may want to notify your legal counsel of the notice and seek further advice.

The data breach incident is concerning because it raises questions about the security of personal information held by the USPTO. The USPTO has maintained that if trademark applicants hired a trademark attorney to file their trademark applications, then their personal information, such as email and domicile addresses, would be hidden from all publicly accessible records. However, the recent incident demonstrates that this is not the case.

Furthermore, trademark scams have been on the rise recently. If a trademark scammer has access to your home address, they may mail letters to trademark owners requesting a payment or other personal information that appear to come from the USPTO.

Recommendations

While the USPTO is working to improve the security of its systems and data, it is imperative that trademark applicants be aware of the risks of this data breach and take steps to protect their personal information.

The following are example steps that trademark applicants can take to protect their personal information and intellectual property rights:

1. Contact your trademark attorney immediately. If you do not have trademark counsel and have received a “Notice of Data Security Incident” from the USPTO, please contact one of our trademark or intellectual property attorneys.
2. Never give out your personal information, such as your Social Security number or credit card number, over the phone or in an email.
3. Be wary of any unsolicited mail, emails, or phone calls from scammers purporting to be from the USPTO or trademark-related organization. Contact your trademark attorney to verify any communication from an unknown party.

The following are some specific examples of trademark-related scams to watch out for:

• Phishing Scams: Phishing scams are often in email form and appear to be from the USPTO or another trademark-related organization. They often ask you to click a link or provide personal information.
• Imposter Scams: Imposter scams occur in the mail, emails, or phone calls. Scammers pose as trademark attorneys or other legal professionals and attempt to trick you into paying them for services that you do not need.
• Trademark Infringement Scams: These scammers send you mail or emails claiming that you have infringed on someone’s trademark, and they demand that you pay a fee.

4. You may voice your concerns or file a complaint with the USPTO’s Office of General Counsel, the Federal Trade Commission (FTC), or other government agencies.

Conclusion

If you have specific questions concerning the USPTO’s “Notice of Data Security Incident” or suspect you have been subject to a trademark scam, don’t hesitate to get in touch with a trademark attorney.

[View source.]