Skip to main content

USB stick found in street contains Heathrow Airport security information

usb stick security alert airport memory
Nulinukas/123RF
We know all too well that sticking a found USB flash drive into your computer carries big risks, and in a worst-case scenario, it could fry your machine.

Perhaps that’s why one curious guy in London recently headed to a library with a stick he reportedly found in the street. But instead of ruining one of the library’s computers, the USB stick revealed highly confidential information linked to the security procedures of one of the world’s busiest airports, according to the Sunday Mirror.

None of the 2.5GB of data on the flash drive was encrypted or password protected, allowing the man to explore 76 folders holding sensitive security information for London’s Heathrow airport.

Containing “maps, videos, and documents,” the data revealed, for example, the route the Queen and her entourage take when heading to and from the airport, and the security measures put in place to ensure her safety. Some of the information was labeled as “confidential” and “restricted” but could still be accessed in a couple of clicks.

Getty
Getty

The stick also contained details of all the different kinds of identification required to enter the airport’s restricted areas — including for undercover cops — and “maps pinpointing CCTV cameras and a network of tunnels and escape shafts linked to the Heathrow Express,” a train route that runs between the airport and central London.

The man said he found the stick in a residential street about 10 miles east of the airport. He handed it to the Mirror, which immediately contacted Heathrow officials. The airport operator is now conducting an investigation into the matter.

Unnamed sources connected with the airport told the news outlet that those looking into the matter were keen to discover if the incident was the result of an “incompetent data breach” or if someone had intentionally transferred the information onto the drive and taken it off site, possibly for nefarious purposes such as terror or cyberattacks.

Every year Heathrow handles around 75 million passengers who are flown by more than 80 airlines to destinations around the world, leaving the authorities with a huge security challenge. The idea that someone working at the airport may have secretly transferred the data onto a stick and then taken it away from the site will be of huge concern.

Heathrow said in a statement that passenger and staff safety was its “top priority,” adding that it was confident the airport was “secure.”

While slotting a USB stick into a computer is certainly a risky thing to do, in this case it appears to have exposed a monumental lapse in security that’s certain to force the airport into conducting a full review of the way it handles sensitive data.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Target slashed the price of this CLX gaming PC with RTX 4080
The CLX Horus on a white background.

For one of the best gaming PC deals around, Target is the surprise place to go today. Currently, you can buy a CLX Horus Gaming PC with a powerful Nvidia GeForce RTX 4080 graphics card for $560 off. Usually $3,750, it’s down to $3,190 for a limited time, which is a pretty great deal for a gaming rig packed with high-end hardware. If you’re keen to learn more, keep reading and we’ll take you through everything. We’re not certain how long the deal will stick around for, so assume it’s going to end sooner rather than later if you don’t want to risk missing out.

Why you should buy the CLX Horus Gaming PC
CLX sneaks in one of its entries among our look at the best gaming PCs, so you can be rest assured that this is one worth checking out. The CLX Horus Gaming PC looks fantastic on paper. It has a 14th-generation Intel Core i9-14900KF processor along with a huge 64GB of speedy 5600MHz DDR5 memory. Besides that, there’s also 2TB of SSD storage, which would be enough for many people, before throwing in even more storage with 6TB of regular HDD storage. Pretty sweet, right? Better still is its GeForce RTX 4080 graphics card with 16GB of dedicated VRAM, so it’s perfectly well suited for all your gaming needs for a very long time to come.

Read more
Intel Arrow Lake gets possible pricing and release date
Intel CEO Pat Gelsinger presents Intel's roadmap including Arrow Lake, Lunar Lake, and Panther Lake.

We haven't even gotten an official release date for Intel Arrow Lake, but the one we know of is already being pushed back. Many leaks pointed to an October 10 release, but now, one source claims that Intel won't launch its next-gen top desktop processors until October 24. This only applies to the K and KF-series CPUs -- the non-K variants won't arrive until much later. We've also gotten a peek at some of the possible pricing.

Fortunately, the delay doesn't appear to be major. According to HKEPC on X (formerly Twitter), the launch of Intel Arrow Lake-S has now been pushed back from October 17 to October 24. This is somewhat inconsistent with previous leaks, but not really -- it appears that Intel had always planned to announce Arrow Lake on October 10, with availability starting on October 17. Now, we might still hear about the CPUs on October 10, but they won't appear on the shelves until two weeks later.

Read more
Credit card info for 1.7 million users leaked in huge breach
A credit card is passed from one person to another.

Florida-based payment gateway provider Slim CD has confirmed in a notification sent to affected clients (almost 1.7 million) that their full names, credit card info, physical address, and payment card expiration date have been breached, according to a letter from the company, It's a trend that's unfortunately becoming fairly common.

What's more shocking about the number of affected users is how long it took the company to notice the breach since the hackers had access from August 2023 to June 2024. The company first noticed suspicious activity on June 15, stating, "That access may have enabled an unauthorized actor to view or obtain certain credit card information between June 14, 2024, and June 15, 2024,”

Read more