A solar-powered airplane finished crossing the United States on Saturday, landing in New York City after flying over the Statue of Liberty during its historic bid to circle the globe, the project team said. The spindly, single-seat experimental aircraft, dubbed Solar Impulse 2, arrived at New York's John F. Kennedy International Airport at about 4 a.m. local time after it took off about five hours beforehand at Lehigh Valley International Airport in Pennsylvania, the team reported on the airplane's website. Such a pleasure to land in New York! For the 14th time we celebrate sustainability," said the project's co-founder Andre Borschberg on Twitter after flying over the city and the Statue of Liberty during the 14th leg of the trip around the globe. The Swiss team flying the aircraft in a campaign to build support for clean energy technologies hopes eventually to complete its circumnavigation in Abu Dhabi, where the journey began in March 2015. The solar cr...
The firm said that there was "unauthorised access" to the database on 14 November. The app is a gateway for customers to download games, e-books and other content on to their Vtech devices. It is not clear how many customers have been affected, A large amount of data, which looked like it could be from the hack, was seen online but has now been hidden, according to some experts. It also appeared to include a considerable number of children's names, dates of birth and gender.
In an email to customers, the company said: "Upon discovering the unauthorised access we immediately conducted a thorough investigation, which involved a comprehensive check of the affected site and implementation of measures to defend against further attacks." The company stressed it was "important to note that our customer database does not contain any credit card or banking information" nor social security numbers. However it does contain what the Vtech describes as "general user profile information", such as "name, email address, encrypted password, secret question and answer for password retrieval, IP address, mailing address and download history".The firm sells a range of electronic products ranging from toy cars and interactive garages to cameras, games, e-books and tablets.
Professor Alan Woodward, cyber security expert at Surrey University, said it looks like the firm may have been subjected to a simple hacking technique known as anSQL injection. "If that is the case then it really is unforgivable - it is such an old attack that any standard security testing should look for it," he said. "If initial reports are correct then they should be taking their website connection to their databases offline immediately until they can discover how this was done and correct the issue. "They also need to be alerting the parents as soon as possible, with particular emphasis on how their children might be approached using this type of data.
"These breaches are endemic and we have to stop. If that means focusing the minds of these companies through big fines then so be it. It needs to be taken seriously and those responsible held to account." Another security expert, Troy Hunt, said he was extremely concerned by the breach. "When it's hundreds of thousands of children including their names, genders and birthdates, that's off the charts," he wrote. "When it includes their parents as well - along with their home address - and you can link the two and emphatically say 'Here is nine-year-old Mary, I know where she lives and I have other personally identifiable information about her parents (including their password and security question)', I start to run out of superlatives to even describe how bad that is."
Comments
Post a Comment