FlightAware recently announced a significant data breach that resulted in the exposure of users' sensitive information, including names, email addresses, passwords, phone numbers, and the last four digits of credit card numbers. As the leading commercial aircraft flight tracking service, FlightAware is known for its reliable tracking capabilities.
A statement sent out to customers by FlightAware revealed that a "configuration error" led to the potential exposure of personal data for an unspecified number of users. According to investigations conducted by Strauss Borrelli, a law firm representing FlightAware, unauthorized parties could have accessed sensitive information stored in the company's systems between January 1, 2021, and July 25, 2024.
The compromised data includes usernames, passwords, and email addresses of users. Additionally, depending on the information provided on their accounts, users' full names, social media accounts, last four digits of credit card numbers, home and IP addresses, phone numbers, year of birth, and account activity may have been leaked. This account activity encompasses comments posted and flights viewed.
FlightAware took immediate action to rectify the configuration error once it was identified on July 25. Ongoing investigations are being conducted to determine whether malicious parties have exploited the exposed data. While FlightAware did not specify whether passwords were encrypted, the company has mandated that all users reset their passwords as a precautionary measure.
English (US)