Confidential details about Heathrow Airport's security planning were found stored on an unclaimed memory stick lying close to the Airport.
The memory stick contained secret details about security planning, locations of CCTV cameras as well as pre-decided routes for politicians and dignitaries.
The man who found the memory stick in Ilbert Street and checked its contents at home found that a lot of its contents were unencrypted. Not only did it contain restricted routes for the Queen, politicians, and dignitaries, but also escape routes for the Heathrow Express railway.
If a malicious actor gained access to the memory stick, he would also have learned about all the IDs required to access restricted areas of the airport. He would also have learned about the locations of all CCTV cameras in and around the world's busiest airport and details about an ultrasound radar system that scans all roads and runways.
Heathrow said that while it has launched an internal investigation to understand how the data got leaked and to prevent a similar occurrence in the future, none of its security systems have been breached so far.
'The UK and Heathrow have some of the most robust aviation security measures in the world and we remain vigilant to evolving threats by updating our procedures on a daily basis. We have reviewed all of our security plans and are confident that Heathrow remains secure' the airport said.
According to the Sunday Mirror, the news agency first contacted by the man who found the memory stick, the Met Police are now working with airport chiefs to understand how such confidential details ended up in the street.
'The fear is that this information could have been downloaded and disseminated God knows where. The worry is it ends up on the dark web and used by bad guys to pick holes in airport security,' said a police source to the Mirror.
It is also possible that the information may have been copied by someone at the airport who was authorised to access it and may have inadvertently dropped the memory stick on the street. Considering that airport staff are not allowed to transfer confidential details to unsecured portable drives, the breach could also be a result of insider access.
'Knowing this information would cut down on surveillance and could potentially make access easier. Security chiefs will be working hard to ensure there is no physical threat as a result of this breach and changing processes if necessary,' said a security expert who helped the Mirror examine the memory stick.
'It is not helpful – certainly not best practice – to have maps and drawings of one of the UK’s biggest airports left in the street. It is serving up intelligence on a plate to people. It’s hugely embarrassing and should not have happened. In the wrong hands it could potentially be very helpful and would save them a lot of time in planning an attack,' the expert added.