Sensitive data on Heathrow Airport security found on abandoned memory stick

Sensitive data on Heathrow Airport security found on abandoned memory stick

Sensitive data on Heathrow Airport security found in abandoned memory stick

Confidential details about Heathrow Airport's security planning were found stored on an unclaimed memory stick lying close to the Airport.

The memory stick contained secret details about security planning, locations of CCTV cameras as well as pre-decided routes for politicians and dignitaries.

The man who found the memory stick in Ilbert Street and checked its contents at home found that a lot of its contents were unencrypted. Not only did it contain restricted routes for the Queen, politicians, and dignitaries, but also escape routes for the Heathrow Express railway.

If a malicious actor gained access to the memory stick, he would also have learned about all the IDs required to access restricted areas of the airport. He would also have learned about the locations of all CCTV cameras in and around the world's busiest airport and details about an ultrasound radar system that scans all roads and runways.

Heathrow said that while it has launched an internal investigation to understand how the data got leaked and to prevent a similar occurrence in the future, none of its security systems have been breached so far.

'The UK and Heathrow have some of the most robust aviation security measures in the world and we remain vigilant to evolving threats by updating our procedures on a daily basis. We have reviewed all of our security plans and are confident that Heathrow remains secure' the airport said.

According to the Sunday Mirror, the news agency first contacted by the man who found the memory stick, the Met Police are now working with airport chiefs to understand how such confidential details ended up in the street.

'The fear is that this information could have been downloaded and disseminated God knows where. The worry is it ends up on the dark web and used by bad guys to pick holes in airport security,' said a police source to the Mirror.

It is also possible that the information may have been copied by someone at the airport who was authorised to access it and may have inadvertently dropped the memory stick on the street. Considering that airport staff are not allowed to transfer confidential details to unsecured portable drives, the breach could also be a result of insider access.

'Knowing this information would cut down on surveillance and could potentially make access easier. Security chiefs will be working hard to ensure there is no physical threat as a result of this breach and changing processes if necessary,' said a security expert who helped the Mirror examine the memory stick.

'It is not helpful – certainly not best practice – to have maps and drawings of one of the UK’s biggest airports left in the street. It is serving up intelligence on a plate to people. It’s hugely embarrassing and should not have happened. In the wrong hands it could ­potentially be very helpful and would save them a lot of time in planning an attack,' the expert added.

Copyright Lyonsdown Limited 2020

Top Articles

How the human immune system inspired a new approach to cyber-security

Artificial intelligence is being used to understand what’s ‘normal’ inside digital systems and autonomously fight back against cyber-threats

Solarwinds CEO blames former intern for hilarious password fiasco

SolarWinds has accused a former intern of creating a very weak password for its update server and storing it on a GitHub server for months.

Hackers accessed Npower customer accounts via a credential-stuffing attack

Npower suffered a major data breach that involved hackers using stolen passwords to gain access to a large number of customer accounts.

Related Articles