USB stick found in West London contained Heathrow security data
Encryption? Passwords? Nah, why use those...
Detailed security arrangements for London Heathrow airport, including the Queen’s precise route every time she passes through, were found on a USB stick left in a West London street, according to reports.
The unencrypted USB stick was found lying under leaves on Ilbert Street, a leafy terrace near the famous Kensal Green cemetery – reportedly by an unemployed jobseeker on his way to a library.
Having plugged the stick into a computer, the man found a treasure trove of what appeared to be security-related documents, including routes and timings of security patrols, types of ID needed to access restricted areas, maps of CCTV cameras and otherwise hidden access shafts onto the Heathrow Express railway line that runs under the airport.
No passwords had been applied to the stick or any of its contents.
Curiously, the Sunday Mirror reported that some of the 2.5GB of documents on the stick were marked “confidential” or “restricted” – security classification markings that were officially superseded in central government use four years ago. Most police forces have followed suit.
A reporter from the paper wrote: “Why was this sensitive material held on an unencrypted memory stick and taken off site? It’s a huge security breach and massively embarrassing for those in charge of security. The cumulative impact of having so many documents, videos, maps and images all in one place represents a security risk.”
The offending files were passed on to Heathrow security.
An airport spokeswoman told the Guardian that an internal investigation had been launched, adding: “We have reviewed all of our security plans and are confident that Heathrow remains secure. We have also launched an internal investigation to understand how this happened and are taking steps to prevent a similar occurrence in future.”
Wow. It’s like the 2000s all over again
This idiotic blunder by whoever took the USB stick out of Heathrow sounds like something from the bad old days of the previous decade, when confidential data was blithely left lying around on abandoned laptops, folders on trains, and all the rest of it.
One presumes that whoever did this will shortly be joining the person who found the USB stick on a job hunt.
As for the wider implications, they barely need spelling out: had the chance passerby been someone less kindly disposed towards the UK than the finder of the stick, the consequences could have been seriously bad. ®
Sponsored: Becoming a Pragmatic Security Leader