FlightAware asked the user to change the passwords for the account of them, after they had found out that their personal data had to be accessible to everyone, after an error is set up. Serious problems of safety and security was present for more than 3 years now, but it was made by the american company, only at the end of July, 2024.
The restoration of the binding of the password
FlightAware is considered the largest in the tracking of the flight in the world with a network of more than 32,000 stacionesh surveillance-broadcast automatic dependent (ADS-B in 200 countries. It also receives the data from the systems of air traffic control at a 45-seats, satellite Aireon ADS-B, and the relation to the data (satellite/VHF) from the dealer to the other, including ARINC, SITA, Satcom Direct, Garmin and Honeywell GoDirect.
As specified in the official website, the error of the set was revealed on the 25th of July. The details of the account were then showcased accidentally on the internet. The communication is forwarded to the office of the Prosecutor-General California saktëson that the “leak” was launched on January 1, 2021, so about 3 years ago.
The first three parts of the data were, of course, be accessible to all,: ID's of the users that the email address and password. Based on all the information that you have entered in your account, you have also discovered your full name, email address and billing address, and shipping address, IP address, account, social media, telephone number, year of birth, the four figures to the end of the card to your credit card, the ownership of the aircraft, the status of the pilot, the activity of the account and the social security number (only the users in the united states).
FlightAware did not give details about the error in the configuration, but it has been arranged. After the introduction of the first, the user will be prompted for a restoration of the binding of the password. To avoid the attacks of the loading of credentials, it is necessary to change the password (if it is authentic) used to access the services of the other.
Discussion about this post