Flightrader24 has suffered a breach that “may” have exposed the passwords of a small subset of users – though, thankfully, not in plane (arf) text.
Swedish-based Flightradar24 sent emails to users of the service – which shows avation enthusiasts real-time aircraft flight information – earlier this week, and in a subsequent forum post confirmed that the emails were genuine.
“The security breach may have compromised the email addresses and hashed passwords for a small subset of Flightradar24 users (those who registered prior to March 16, 2016),” an adminstrator said.
“We would like to apologize that this breach occurred and for the inconvenience this may cause. We would also like to stress that we have no indication any of personal information was compromised.
“Please note that no payment information has been compromised. Flightradar24 neither handles nor stores payment information.”
The company goes on to explain that the breach, first reported by ITNews, was limited to one server, which was “promptly” shut down once the intrusion had been discovered.
The company is advising that users change the password for their Flightradar24, and that they change it on other services that may share re-use same login credentials.
“Please accept our sincere apologies for any inconveniences caused,” the firm continues.
https://www.theinquirer.net/inquirer/news/3034562/flightradar24-breach-sees-hackers-take-off-with-user-passwords