Shaheen Pushes Postmaster DeJoy to Increase Security & Verification Tools to Combat Fraudulent Requests to Change Addresses

September 09, 2022

**Letter comes on heels of instances of constituents whose addresses were changed & mail redirected without their knowledge** 

(Washington, DC) – U.S. Senator Jeanne Shaheen (D-NH) sent a letter to Postmaster General Louis DeJoy regarding instances of change of address requests filed without Granite Staters’ knowledge. Despite increasing rates of change of address fraud and concerns around procedures to verify individuals who request address changes, reports found the U.S. Postal Service has not implemented effective verification controls for such procedures. 

“My office has received troubling reports from two constituents whose personal information has been used to file change of address requests with the Postal Service, which subsequently rerouted their mail to unknown recipients without the constituents’ knowledge. These incidents raise concerns around the security of the Postal Service’s change of address procedure and the agency’s ability to confirm the identity of individuals making such requests,” Shaheen wrote

Shaheen also asked Postmaster DeJoy how the Postal Service ensures that online change of address procedures are secure and what additional steps can be taken to prevent change of address fraud. 

She continued: “I would appreciate answers to the following questions: How does the Postal Service ensure that the online change of address procedure is secure? What additional measures may need to be implemented in order to secure this process for customers? What action is the Postal Service taking to prevent similar situations from occurring in the future?” 

Full text of the letter is available here and below: 

Dear Postmaster General DeJoy, 

I write with concerns regarding fraudulent activity relative to change of address requests made to the U.S. Postal Service. 

My office has received troubling reports from two constituents whose personal information has been used to file change of address requests with the Postal Service, which subsequently rerouted their mail to unknown recipients without the constituents’ knowledge. These incidents raise concerns around the security of the Postal Service’s change of address procedure and the agency’s ability to confirm the identity of individuals making such requests. 

The Office of the Inspector General has found that the Postal Service did not implement effective identity verification controls for the online change of address procedure and has recommended that such controls be developed and implemented. In a report dated April 12, 2022, the Office of the Inspector General writes, “Based on our analysis, online [change of address] COA fraud and attempted identity theft by individuals and organized groups increased from 8,857 to 23,606 (167 percent) from 2020 to 2021.” Specifically, the report recommends the Postal Service “develop controls to verify that online change of address requests are authorized by the resident of the address.” However, the Postal Service has declined to take recommended action to mitigate this issue. In response to the Inspector General’s recommendation the Postal Service responded that the agency “thoroughly assessed the risk, cost, and failure rate of options and continue to assess these [current] controls as sufficient.” 

Protecting our citizens’ identities is paramount. Therefore, I would appreciate answers to the following questions: 

  1. How does the Postal Service ensure that the online change of address procedure is secure? 
  2. What additional measures may need to be implemented in order to secure this process for customers? 
  3. What action is the Postal Service taking to prevent similar situations from occurring in the future? 

Thank you for your attention to this important matter and I look forward to your response. 

###