Hacks and data leaks are in news this day and keeping data securely is the major problem for all infrastructure, institutions and IT companies.
But not so for New York’s Stewart International Airport, situated 60 miles north of Manhattan, which left its server backups exposed to the internet for years, the drives were hadn’t protected with a password.
They apparently misconfigured back in late April and were left open without any protection.
According to Chris Vickery lead researcher from MacKeeper Security “The 760GB of exposed data Includes TAS, letters of investigations, social security numbers, emails”. He discovered the lapse, nothing that the backup drive and acting as a public server with no protection.
If some have found this backup’s, they could have access a particular file with usernames and passwords for various devices and systems running on that server.
Security researcher confirmed that they would open every component of the airport’s internal network to a malicious attacker.
The authority of New York and New Jersey contracts the management of airport to a private company called AvPORTS, which uses a single IT professional to maintain the security of the server.
Port Authority spokesperson noted that an ongoing investigation is going on, but no information have been compromised during the year-long exposure.