FlightAware has attributed the exposure of personal customer information, including Social Security numbers, to a configuration error
The company, which asserts to be one of the largest aggregators of flight data, stated in a notice posted on its website that it discovered the unspecified error on July 25.
The error exposed names, email addresses, and other information contingent upon the information users supplied to the company.
According to FlightAware, the data that has been disclosed includes “billing address, shipping address, IP address, social media accounts, telephone numbers, year of birth, last four digits of your credit card number, information about aircraft owned, industry, title, pilot status (yes/no), and your account activity (such as flights viewed and comments posted).”
FlightAware reported in a separate notice to California’s attorney general’s office that its investigation revealed the exposure of Social Security numbers and passwords.
Consequently, the organisation has announced that it is mandating that all affected users reset their account credentials. The notification from FlightAware does not specify whether or not customers’ credentials are encrypted or to what extent.
According to the notice submitted to the state, the infraction occurred in January 2021, more than three years ago.
The company’s description of a configuration error suggests that the error was caused by the company rather than a malicious cyberattack.
FlightAware acknowledges that customer data was exposed; however, it is unclear whether anyone accessed or exfiltrated the data or whether the company possesses the technical resources, such as logs, to ascertain whether anyone downloaded the customer data.
Kathleen Bangs, the spokesperson for FlightAware, declined to respond to enquiries regarding the number of consumers affected.
According to FlightAware’s website, monthly consumers exceed 10 million.
Italy is set to reduce the crypto tax rate to 28%, lowering it from a previously proposed 42%, to create…
Cardano founder Charles Hoskinson has hinted at a potential partnership with Ripple, commending Brad Garlinghouse and advocating for greater crypto…
DeFi Tech, a company that connects traditional finance and cryptocurrency by offering exposure to digital assets DeFi unveiled a new…
President-elect Donald Trump will try to prevent TikTok from getting banned in the United States The Washington Post reported on…
DeFi yield farming has emerged as a cornerstone of DeFi, enabling users to earn passive income by lending or staking…
Twitter is no longer a “digital town square” since the U.S. presidential election as many users unhappy with the app's…