By Matthew Broersma
Norwich International Airport has confirmed that its Website was hacked, but said no sensitive information was compromised and operational systems were not affected.
The breach occurred a month ago, with the attacker accessing the details of people registered on the airport Website’s media center, a stand-alone Website not connected to operational systems, according to airport general manager Richard Pace.
He said the airport’s physical security wasn’t compromised and no commercial or operationally sensitive data was affected. Changes are being made to the Website to prevent further incidents of the same kind, Pace said.
BBC Radio Norfolk reported that the Website was attacked to test its security.
“I found I could do it and then contacted the airport to let them know,” the hacker, who used the pseudonym “His Royal Gingerness” (HRG), told the BBC.
“After a month they sent a message back saying they’d made changes and it had been sorted. I went to check it and it was exactly the same. It took me between two to three minutes to do this. I do this mostly to see what vulnerabilit[ies] there are in modern systems.”
The airport said it did not report the incident to the Information Commissioner’s Office (ICO) because it was not extensive enough and didn’t affect sensitive information.
Large-scale data breaches are becoming more frequent as it becomes routine for databases containing sensitive commercial, government and personal data to be linked to the Internet, making the information vulnerable to commercially motivated thieves and hackers in the employ of nation states.