News has surfaced that one of the world’s most popular flight tracking services, Flightradar24, which shows real-time aircraft flight information on a map, has suffered a massive data breach that may have compromised the email addresses and hashed passwords of more than 230,000 customers. IT security experts commented below.
Javvad Malik, Security Advocate at AlienVault:
“While details are still emerging, it is encouraging to see that the company was able to apparently detect the breach within a few days and notify its customers. Compared to industry averages, this is a quick turnaround, and highlights the importance of having strong monitoring and threat detection controls in place.
Alongside the monitoring capabilities, it is also important to have response technologies and processes in place that have been tested. The email notification that went to users seemed to cause some confusion and was mistaken for a phishing attempt by some. This is why clear communication and having established means of informing users of a breach is important.
Users should change their password not only on the site, but also anywhere else they may have used that particular password, to ensure criminals don’t try to access other accounts. It is also useful for users to sign up to a service like Have I Been Pwned (http://haveibeenpwned.com/) to check if their account has been compromised in any other breach.”
Adam Brown, Manager of Security Solutions at Synopsys:
“If Flightradar24 is adhering to best practices, they should have in place adequate logging and monitoring which will help them track down how the breach occurred and what was breached.
“Without knowing details of the attack we can’t speculate about how it was done; however, the attackers may have been most interested in payment card information, given that the company offers a commercial service.
“This could potentially fall under the eyes of the PCI Council and Datainspektionen (Swedish supervisory authority), who will be interested to know if the company has done its best to secure its data under the GDPR.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.