Plane tracker FlightAware admits user passwords, SSNs exposed for years
Notification omits a number of key details Popular flight-tracking app FlightAware has admitted that it was exposing a bunch of users' data for more than three years.…
The Admission tag covers security disclosures and statements that clarify how breaches or unauthorized access occurred.
Search across headline titles and summaries.
Background for this topic.
Admission is the decision to allow or deny a user, device, application, or service access to a resource. In information security, it usually combines authentication—checking who or what is requesting access—with authorization—determining which actions and resources are permitted. The term can also describe network or application admission controls that assess a device’s identity, configuration, or security state before allowing it to connect.
Weak admission controls can expose systems through stolen credentials, missing multi-factor authentication, misconfigured access-control lists, or roles that grant more privilege than necessary. Effective controls apply least privilege, restrict access by context where appropriate, and review permissions as people, devices, and services change. Recording both successful and rejected admission decisions supports detection and investigation of suspicious access, while periodic testing helps identify bypasses and unsafe defaults.
Notification omits a number of key details Popular flight-tracking app FlightAware has admitted that it was exposing a bunch of users' data for more than three years.…