Parcelforce customers' names addresses and postcodes were available online after a system related to the company's mail tracker service failed.
Parcelforcehas now rectified the problem and apologised to customers.
A BBC investigation revealed that when some customers entered their unique reference number for tracking a delivery, they gained access to other people's delivery details.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The BBC reported that in a period of 30 minutes,the system revealed details of parcels destined fora wide range of locations, including Cleveland, Swansea and Shanghai.
Name, postcode and signature details would allow fraudsters to steal someone's identity. The data breach breaks rules set by the Information Commissioner's Office (ICO).
A spokesperson for the ICO said,"Any organisation which processes personal information must ensure that adequate safeguards are in place to keep that information secure. This is an important principle of the Data Protection Act. Failure to protect personal details such as names, addresses and signatures could lead to information falling into the wrong hands and ultimately the loss of customers' trust and confidence."
The ICO said it will contactParcelforce"to establish how this security breach occurred and to find out what steps it will be taking to ensure that such a breach cannot happen again."
Parcelforce said the problem hadbeen rectified and the service was back to normal last night. It also apologised.
Photo by Jason Bye/Rex Features