
Thread: Security breach email

  1. #1
    Passenger
    Join Date
    Jun 2014
    Posts
    30

    Security breach email

    Hi!

    I have got this email:

    Dear Flightradar24 user,

    I regret to inform you that late last week we identified a security breach that may have compromised the email addresses and hashed passwords (see explanation below) for a small subset of Flightradar24 users (those who registered prior to March 16, 2016), including you.


    Is it yours?


    Thx,
    federbear.
    T-ENGM162 ex T-ENHA4, T-ENGM86, T-LHBP22

    My photos - Planespotters
    My photos - Jetphotos

  2. #2
    Passenger
    Join Date
    Aug 2014
    Posts
    2
    Quote Originally Posted by federbear View Post
    Hi!

    I have got this email:

    Dear Flightradar24 user,

    I regret to inform you that late last week we identified a security breach that may have compromised the email addresses and hashed passwords (see explanation below) for a small subset of Flightradar24 users (those who registered prior to March 16, 2016), including you.


    Is it yours?


    Thx,
    federbear.
    Lots of us got the same mail. I think FR24 should give us some more info. Like what hashing method they used on passwords (salted?). Also, why is a 2 year outdated user database online?

  3. #3
    First officer
    Join Date
    Dec 2014
    Posts
    229
    As it came from an address I didn't recognise (FR24.com) I've sent them a query to verify it is genuine. I also didn't like the look of the link it asked me to click on to reset password (which I haven't as yet).

  4. #4
    Passenger
    Join Date
    Jun 2014
    Posts
    30
    Quote Originally Posted by Stealth View Post
    As it came from an address I didn't recognise (FR24.com) I've sent them a query to verify it is genuine. I also didn't like the look of the link it asked me to click on to reset password (which I haven't as yet).
    This address u708499.ct.sendgrid.net/ is suspicious. I thought immediately of a data fishing link, because it is not an FR24 site. Plus I do not like to click a link from an email, that would lead to a site changing password anyway.

    So it is still an open question, and I hope they answer it as soon as possible.
    T-ENGM162 ex T-ENHA4, T-ENGM86, T-LHBP22

    My photos - Planespotters
    My photos - Jetphotos

  5. #5
    Flight attendant
    Join Date
    Jan 2013
    Location
    T-LSZD25
    Posts
    53
    The host from which the e-mail was sent resolves to o1.post.flightradar24.com, chances are that it is legit.
    It is odd that there is no message from FR24 on twitter, facebook, etc. in this regard. Also no blog entry about this on the fr24 webpage.

    Edit: Just saw it in the comments on facebook/fr24 that the mail is legitimate.
    Last edited by helios; 2018-06-19 at 07:20.
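
Added example, not part of any post in this thread: a sketch of the checks raised in posts #4 and #5, comparing the From domain against the DKIM and SPF identities recorded by the receiving mail server and listing link hosts that sit outside the sender's domain. The sample message is constructed, `assess`, `org_domain` and `mx.example.net` are hypothetical names, and the two-label organizational-domain rule is a simplifying assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample, NOT the real notification. The link host is the one quoted
# in post #4; the sender address and Authentication-Results values are invented.
SAMPLE = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bounces@post.flightradar24.com;
 dkim=pass header.d=fr24.com
From: Flightradar24 <notice@fr24.com>
Subject: Security notice

Reset your password: https://u708499.ct.sendgrid.net/wf/click?upn=CONSTRUCTED
"""

def org_domain(host):
    # Assumption: the last two labels approximate the organizational domain.
    # Production code should consult the Public Suffix List instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def assess(raw, trusted_authserv):
    msg = message_from_string(raw)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Only trust results stamped by our own receiving server; a sender can
    # inject forged Authentication-Results headers of its own.
    trusted = [h for h in msg.get_all("Authentication-Results", [])
               if h.split(";")[0].strip().lower() == trusted_authserv]
    auth = re.sub(r"\s+", " ", " ".join(trusted))
    dkim = re.findall(r"dkim=pass\b[^;]*?header\.d=([\w.-]+)", auth)
    spf = re.findall(r"spf=pass\b[^;]*?smtp\.mailfrom=([\w.@-]+)", auth)

    def aligned(identity):
        return org_domain(identity.rpartition("@")[2]) == org_domain(from_dom)

    hosts = {urlparse(u).hostname
             for u in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload())}
    return {
        "from_domain": from_dom,
        "dkim_aligned": any(aligned(d) for d in dkim),
        "spf_aligned": any(aligned(d) for d in spf),
        # Off-domain links are common with click tracking, so they are a reason
        # to type the site address by hand, not proof of phishing on their own.
        "offdomain_link_hosts": sorted(
            h for h in hosts if h and org_domain(h) != org_domain(from_dom)),
    }

if __name__ == "__main__":
    print(assess(SAMPLE, "mx.example.net"))
```

An aligned DKIM pass recorded by your own mail server is the stronger signal here; the link host alone cannot settle whether a message is genuine.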

  6. #6
    Passenger
    Join Date
    Jun 2014
    Posts
    30
    Quote Originally Posted by helios View Post
    The host from which the e-mail was sent resolves to o1.post.flightradar24.com, chances are that it is legit.
    It is odd that there is no message from FR24 on twitter, facebook, etc. in this regard. Also no entry about this on the fr24 webpage.

    Edit: Just saw it in the comments on facebook/fr24 that the mail is legitimate.
    Thx, I'll share it.
    T-ENGM162 ex T-ENHA4, T-ENGM86, T-LHBP22

    My photos - Planespotters
    My photos - Jetphotos

  7. #7
    Flight attendant
    Join Date
    Jan 2013
    Location
    T-LSZD25
    Posts
    53

  8. #8
    Team FR24
    Join Date
    Feb 2015
    Posts
    221
    Quote Originally Posted by federbear View Post
    Hi!

    I have got this email:

    Dear Flightradar24 user,

    I regret to inform you that late last week we identified a security breach that may have compromised the email addresses and hashed passwords (see explanation below) for a small subset of Flightradar24 users (those who registered prior to March 16, 2016), including you.


    Is it yours?


    Thx,
    federbear.
    Yes, this is a genuine email from us. Please go ahead with changing your password.
    --

  9. #9
    Super Moderator Olga
    Join Date
    Jul 2015
    Location
    Stockholm
    Posts
    16
    We can confirm that the email some of our users received in regards to a security breach has been sent by us. The security breach may have compromised the email addresses and hashed passwords for a small subset of Flightradar24 users (those who registered prior to March 16, 2016).

    We would like to apologize that this breach occurred and for the inconvenience this may cause. We would also like to stress that we have no indication that any personal information was compromised.

    The security breach was limited to one server and it was promptly shut down once the intrusion attempt had been ascertained. An email has been sent to users with affected accounts.

    Please note that no payment information has been compromised. Flightradar24 neither handles nor stores payment information.

    We recommend changing the password for your FR24 account. In case you’ve used the same password anywhere else, we strongly suggest you update it there as well.

    If you'd also like to change the email address of your Flightradar24 account, please email us via support@fr24.com providing both the old and the new email addresses. Also, it's possible to change the password directly via our website if you prefer.

    Please accept our sincere apologies for any inconveniences caused. Our team will continue our thorough internal security review of our system and processes to see what more we can do to ensure that this never happens again.

  10. #10
    Passenger
    Join Date
    Apr 2014
    Posts
    31
    I got this email also, but thought it was a phishing email at first.
    Might I suggest to the staff that send these emails that they do not include a clickable link, instead requesting users go to the Flight Radar24 website, login and change the password like that manually.
    Most banks do this nowadays.
    Have changed my password now. Does this include the Forum accounts or just the main FR24 website accounts?
