On Friday, the USPTO sent out a notice to many trademark owners whose email address were “recently identified a data security incident that impacted domicile information in certain trademark filings between February 2020 and March 2023.”
This incident is quite concerning, as the USPTO has maintained for several years that the applicant email address (when an application is filed using an attorney) would be hidden from all publicly accessible records. But now the USPTO indicates that there was a way to access the email addresses through the USPTO’s API’s and in bulk data sets. (These systems allow researchers, software developers, and others to retrieve USPTO trademark data in volume.)
If you received the notice (copied below), we recommend that you:
- notify your trademark attorney (incredibly, the USPTO did not send the notice to the attorneys, only to the applicants)
- be extra vigilant regarding possible scammers of all types, especially trademark related messages that looks official but are not. For more on trademark scams see www.isthisatrademarkscam.com.
- consider filing a complaint or voicing your concerns with the USPTO and other government agencies.
I certainly hope to see some follow up information and details from the USPTO, as well as an external investigation regarding the incident and the delayed disclosure.
This story will no doubt continue to evolve – stay tuned for more.
