FlightAware, a popular flight-tracking service, experienced a configuration error that led to the exposure of personal customer data, including names, email addresses, and in some cases Social Security numbers. The breach may date as far back as January 2021 and due to the nature of the data exposed, users were mandated to reset their passwords. The compromised data could potentially be leveraged for identity theft, fraud, and other malicious activities, thereby putting affected customers at risk.
Source: https://www.wired.com/story/the-us-navy-has-run-out-of-pants/
TPRM report: https://scoringcyber.rankiteo.com/company/flightaware
"id": "fli000082524",
"linkid": "flightaware",
"type": "Breach",
"date": "8/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Aviation Technology',
'name': 'FlightAware',
'type': 'Company'}],
'attack_vector': 'Configuration Error',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'email addresses',
'Social Security numbers']},
'description': 'FlightAware, a popular flight-tracking service, experienced a '
'configuration error that led to the exposure of personal '
'customer data, including names, email addresses, and in some '
'cases Social Security numbers. The breach may date as far '
'back as January 2021 and due to the nature of the data '
'exposed, users were mandated to reset their passwords. The '
'compromised data could potentially be leveraged for identity '
'theft, fraud, and other malicious activities, thereby putting '
'affected customers at risk.',
'impact': {'data_compromised': ['names',
'email addresses',
'Social Security numbers'],
'identity_theft_risk': 'High'},
'response': {'remediation_measures': ['Mandatory password reset']},
'title': 'FlightAware Data Exposure Incident',
'type': 'Data Breach'}