Flightradar24 is a popular and well developed Swedish company that was developed in 2006 and it keeps the track of flights all over the world, all the information of a flight and provides to its loyal customers (To get informations about flights you have to subscribe to their data plans).It is used by aviation enthusiasts to track flight paths, telemetry and weather conditions, depending on the level of subscription used.
Flightradar24 offers premium subscription packages from US$10 ($13.54) to US$500 ($677) a year. It uses payment services such as Paypal and user gets limited information of the flight according to his selected data plan.
Well they suffered a recent breach last week and didn’t disclosed it immediately and to deal with the breach they shuted down one of their server that was breached and send reset password links to all their customers.
The things didn’t go as planned as some of the customers thought that the reset link was some phishing page and someone’s trying to get their information so they started asking the company officials about the issue and they have to tell their customers that data was breached and passwords were hashed so there will be no loss of anyone however they didn’t disclosed the hash encryption type.
The company said
“The security breach may have compromised the email addresses and hashed passwords for a small subset of Flightradar24 users (those who registered prior to March 16, 2016).”
“We have already invalidated your old password and the link in the email will allow you to create a new password.”
“No indication of any personal information” or payment information was compromised, the latter because Flightradar24 “neither handles nor stores payment information”.
According to the news the credentials of about 230,000 customers is compromised.
Hackers managed to crack some of the hashed passwords from the list so the company expired the old passwords of the affected customers and forced them to set a new password.