View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 30, 2017

Heathrow lands in security chaos as lost USB reveals critical files

The USB containing the Heathrow security information was found on a London street and picked up by a passer-by.

By Tom Ball

A disturbing discovery was made when a USB stick found on the pavement of a London street turned out to contain elaborate Heathrow airport security information.

While it is worrying that so much critical information had been collated within a single USB, it is perhaps more troubling that the files it contained were not encrypted, and no password protection was in place.

The shock of the find is further enhanced by recently heightened security concerns following a string of major terrorist incidents, with the data on the USB pertaining directly to anti-terror measures.

It has been reported that the device was found by a passer-by who checked the contents of the drive, proving that truly anyone could have come across the information. The device also contained information regarding the movements of the Queen and Ministers when they are using the airport.

Richard Stiennon, Chief Strategy Officer, Blancco Technology Group, said: “The EU is moving toward a remarkably strong data privacy regulation. There is nothing in the works in the US that will provide equivalency to the EU GDPR which goes into effect this coming May 25. My take for EU businesses that need to engage with US data processors is not to trust them. For that matter you should never trust any organization that handles your data. You should encrypt that data as soon as possible. You should store and protect the encryption keys. And you should be able to systematically erase any data at any time in any place.

– Going digital ranks as #1 priority among banking CIOs

 

– Bloodhound: A day at the supersonic races with Oracle

 

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?
– North Korea to blame for NHS WannaCry attack – UK Government

 

With GDPR soon arriving, no organisation should be handling data so carelessly, whether it is security information that protects human lives, or customer information that could lead to fraud or theft.

Tony Pepper, CEO and co-founder of data security company, Egress, said: “What is so concerning about the leak of these files from Heathrow is just how highly sensitive this data is and how serious the consequences could have been had the the leak not been discovered, or if the information had gotten into the wrong hands. It’s unclear if the USB that the data was found on was intentionally leaked, or if this is simply a case of data security negligence. Whichever the case, what we know for sure is that once again data has been exposed not through by malicious external hacker but through an inside source – and the consequences could have been disastrous.”

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU