Researchers say the Iranian nation-state actor known as Tortoiseshell could be behind the attacks. Read More
Related Posts
Memorial University recovers from cyberattack, delays semester start
Memorial University recovers from cyberattack, delays semester start
The Memorial University of Newfoundland (MUN) continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus. […] Read More
BleepingComputer
FlightAware Data Leak Exposes Users’ Personal Information
FlightAware Data Leak Exposes Users’ Personal Information
The popular flight-tracking website FlightAware discovered a configuration error that exposed the sensitive personal information of its users.
The data leak included user IDs, passwords, and email addresses, and depending on the information provided by users may have also exposed full names, billing and shipping addresses, IP addresses, social media accounts, telephone numbers, birth years, partial credit card numbers, aircraft ownership details, industry, title, pilot status, and account activity such as flights viewed and comments posted.
The data leak potentially affects all FlightAware users who had accounts between January 1, 2021, and July 25, 2024. FlightAware has not disclosed the exact number of impacted individuals. However, as a precaution, the company requires all potentially affected users to reset their passwords.
Upon discovering the exposure, FlightAware stated they immediately fixed the configuration error. The company began notifying impacted users via email on August 15, 2024. In the breach notification, FlightAware provides affected individuals with details on the specific types of personal information exposed and offers 24 months of complimentary credit monitoring services.
Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot
FlightAware users are advised to:
Reset passwords on their FlightAware account as well as any other accounts using the same password.
Change passwords to linked social media accounts that may have been exposed.
Consider using a password manager to create and store strong, unique passwords for each account.
Monitor credit reports and financial accounts for suspicious activity.
Notify their bank about the potential credit card information exposure and request a new card number.
Some users have expressed frustration about having to pay for a service only to have their data breached. There are also concerns about FlightAware’s data security practices, with some speculating that passwords may have been stored in plain text.
Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Acces
The post FlightAware Data Leak Exposes Users’ Personal Information appeared first on Cyber Security News.
Cylance confirms data breach linked to ‘third-party’ platform
Cylance confirms data breach linked to ‘third-party’ platform
Cybersecurity company Cylance confirmed the legitimacy of data being sold on a hacking forum, stating that it is old data stolen from a “third-party platform.” […] Read More