The Business & Technology Network
Helping Business Interpret and Use Technology
S M T W T F S
 
 
 
 
 
1
 
2
 
3
 
4
 
5
 
6
 
7
 
8
 
9
 
 
 
 
 
 
 
 
 
 
 
 
 
22
 
23
 
24
 
25
 
26
 
27
 
28
 
29
 
30
 

Whoops: FlightAware Exposes Sensitive Personal Data Of Millions Of Users, Pilots, And Plane Owners

DATE POSTED:August 26, 2024

Popular flight tracking app FlightAware says that they accidentally leaked the personal data of its 10,000 aircraft operators and 12 million users. According to an announcement by the company sent to users, “a configuration error” resulted in the company exposing user usernames, passwords, email addresses, names, billing addresses, telephone numbers, birth dates, aircraft ownership records, user data, and more.

The company is requesting that users reset their account passwords:

FlightAware values your privacy and deeply regrets that this incident occurred. Once we discovered the exposure, we immediately remedied the configuration error. Out of an abundance of caution, we are also requiring all potentially impacted users to reset their password.

In other words, almost all of the data users entered into the website was accidentally left freely available on the open internet. The company didn’t specify whether this data was externally accessed; likely because they don’t know.

As we’ve noted repeatedly, such mistakes are increasingly commonplace in a country that’s simply too corrupt to pass a meaningful privacy law for the internet era. Trading in user data is simply too lucrative, Congress has repeatedly declared, to impose any sort of guard rails on companies (and executives specifically) that over-collect your data, hyper-monetize it, yet fail to adequately secure it.

They do that because the tiny regulatory fines and penalties (if there are any) are viewed as a near-irrelevant cost of business compared to the costs they’d incur from respecting consumer privacy and implementing tough security standards. Nothing changes until those penalties are dramatically reformed and expanded; especially for individual executives.

Flight data, of course, creates a particularly sensitive national security risk. And while Congress did recently pass a privacy law related to flight data privacy, it was simply to protect rich Americans worried about being scolded for their environmentally harmful excessive private jet use.