Flightradar24, one of the world's most popular flight-tracking services, which shows real-time aircraft positions on a map, has suffered a massive data breach that may have compromised the email addresses and hashed passwords of more than 230,000 customers.
Without disclosing anything about the breach publicly via its blog or social media accounts, Flightradar24 started sending out emails earlier this week containing a password reset link and asking users to change their passwords.
Because the emails announced the incident without details and each carried a unique password reset link, some customers suspected that they were the target of a phishing attack.
However, the company later confirmed the breach while responding to customers' queries on its official forum and on Twitter, stating that the breach notification emails are legitimate and that neither payment nor personal information has been compromised.
"The security breach may have compromised the email addresses and hashed passwords for a small subset of Flightradar24 users (those who registered prior to March 16, 2016)," the company said.
"We have already invalidated your old password and the link in the email will allow you to create a new password."
The Sweden-based company also confirmed that the breach was limited to a single server, which was shut down immediately after the intrusion was detected late last week.
The company states that the breached passwords were hashed, but it did not specify the hashing algorithm or whether the hashes were salted; a per-user salt makes precomputed lookup tables useless and forces an attacker to work on each hash separately.
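To make the salting caveat concrete, here is a short added example (my own code, not Flightradar24's; nothing is known about their actual scheme) contrasting an unsalted hash with a salted, iterated one. The record layout `pbkdf2_sha256$<iterations>$<salt>$<digest>` and the 200,000-iteration work factor are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 200_000  # assumed work factor; raise it as hardware gets faster


def unsalted_hash(password: str) -> str:
    """Single SHA-256 with no salt.

    Every account that chose the same password gets the same digest, so one
    precomputed table (or one cracked hash) exposes all of them at once, and
    the stored values alone reveal which users share a password.
    """
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def salted_hash(password: str, salt: Optional[bytes] = None,
                iterations: int = ITERATIONS) -> str:
    """PBKDF2-HMAC-SHA256 with a random 16-byte per-user salt.

    Returns a self-describing record (assumed format) so that verification can
    recover the salt and work factor: pbkdf2_sha256$<iters>$<salt>$<digest>.
    """
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False  # unknown scheme: never fall back to a weaker check
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                        bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))
    except ValueError:
        # malformed record: wrong field count, bad hex, or non-integer count
        return False
```

Two users with the same password produce identical unsalted digests but distinct salted records, which is exactly the property the article's "salt" caveat is about.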
To protect customer accounts in case attackers manage to crack some of the hashes, Flightradar24 has already expired the previous passwords of affected users, forcing them to set a new password before they can access their accounts.
It would also be wise to change your password on any other online service where you used the same credentials.
Commenting on this, Adam Brown, manager of security solutions at Synopsys, said: "If Flightradar24 is adhering to best practices, they should have in place adequate logging and monitoring which will help them track down how the breach occurred and what was breached.
"Without knowing details of the attack we can't speculate about how it was done; however, the attackers may have been most interested in payment card information, given the company offers a commercial service.
"This could potentially fall under the eyes of the PCI Council and Datainspektionen (Swedish supervisory authority), who will be interested to know if the company has done its best to secure its data under the GDPR."