Computer Business Review – Security researchers at VPNMentor say they gained access to 27.8 million records and 23 GB of data, including unencrypted fingerprint data, logs of facility access, security levels and clearance, and personal details of staff, after penetrating a poorly configured database of biometric security platform Biostar 2.
InfoSecurity Magazine – British Airways has come under fire from the security community again, this time after a vulnerability in its e-ticketing system was found to be exposing passenger’s personal information (PII). Security firm Wandera claimed in a blog post yesterday that the airline was sending out unencrypted check-in links to customers which contained booking reference and surname in the URL itself.
ComputerWeekly – British Airways has not addressed a potential leak of passenger details despite warnings from security researchers, but says it is aware of the issue and is taking action.
SecurityWeek – British Airways (BA) has been criticized for allowing hackers easy access to customer flight information. The issue was exposed Tuesday by researchers who discovered “a vulnerability affecting British Airways’ e-ticketing system that exposes passengers’ personally identifiable information (PII).”
ComputerWeekly – The discovery of a publicly accessible database of biometric information highlights failings by the supplier, the need for supply chain security, and the challenges of using biometric data.