Popular airline tracking service Flightradar24 is reporting that it has suffered a fairly substantial data breach that could have compromised email addresses for over 230,000 users. The service also says that hashed passwords belonging to these users are potentially compromised.
No information about the breach was publicly announced on the service’s blog or social media accounts at first. However, they began sending out emails to users earlier in the week prompting them to change their password as soon as possible.
Flightradar24 shows users real-time airline flight information by aggregating content from three different sources. Information provided by ADS-B and MLAT communications data is augmented with FAA updates that are delayed by only around five minutes. This has made it an extremely popular platform for those who need to know where a flight is at any given time.
That popularity has in turn ensured that countless users have registered for their own login details. Emails sent out by the service state that the breach could have compromised the information of a small subset of these members. Their own security experts apparently feel that those who registered for an account after March 16, 2016 aren’t at risk.
Instead of storing passwords in plain text, Flightradar24’s servers store them as hashes, character strings from which the original password should be impractical to recover in most cases. As a precaution, security experts working for Flightradar24 recommended that the hashing algorithm be retired, as they no longer considered it secure.
As some people originally believed that they were being targeted by a phishing attack and therefore ignored the requests to reset their passwords, Flightradar24 later mentioned on their official Twitter account that the breach was genuine and users should create a new password.
The company that owns the application platform confirmed that the breach affected only one of their servers. Technicians were able to shut it down as soon as the intrusion was detected, which kept the situation from getting out of hand.
Previous passwords of affected users have now been expired, and Flightradar24 users are also urged to reset other passwords if they have ever used the same credentials for more than one service.