FlightAware configuration error leaked user data for years.

Who would have thought that following the celestial routes of aircrafts would lead to the possibility of finding one's data mistakenly leaked online? FlightAware, the famous US flight-tracking platform, recently issued a notice to its users: in it, the company strongly advised users to reset their account passwords, following a cyber incident that may have leaked personal data.

The statement was published on the website of the California Attorney General's Office and explains, more precisely, that the incident in question appears to have occurred due to a configuration error, in January 2021. The incident was only discovered during the last week of July 2024, which means that user data remained ‘exposed’ online for more than three years.

The data involved included first name, surname, address (and IP address), social media accounts, telephone number, year of birth and other personal information - including the last four digits of the credit card.