Skip to content ↓ | Skip to navigation ↓

Britain’s largest and busiest airport has launched an investigation to determine how someone found a USB containing 2.5GB of its data on the street.

News of the incident involving Heathrow London Airport first came to light when an unemployed man contacted The Sunday Mirror. He told the tabloid he was on his way to a local library to search for work when he spotted the stick amidst the leaves on the pavement in Ilbert Street, in Queen’s Park, West London. The man picked up the USB and plugged it into a library computer a few days later.

Included on the device were at least 174 Heathrow documents marked “confidential” and “restricted.” Despite such classifications, the man had no trouble viewing their contents. These files included the following:

  • Maps indicating the exact locations of CCTV cameras along with a series of escape shafts found in the Heathrow Express rail line that links the airport with London Paddington station.
  • The types of identification that someone requires to access restricted areas.
  • The exact route used by the Queen when she uses the airport and what security measures she uses to get there.
A terminal at Heathrow Airport. (Source: Wikipedia)

Met Police said they’re working to determine how the USB stick appeared on the street. Concurrently, a spokesman for the airport confirmed that Heathrow is currently investigating whether the device turned up as a result of an “incompetent data breach” or if someone intentionally stole its sensitive files and possibly sold them on the dark web. As quoted by TimesLIVE:

“Heathrow’s top priority is the safety and security of our passengers and colleagues.

“The UK and Heathrow have some of the most robust aviation security measures in the world and we remain vigilant to evolving threats by updating our procedures on a daily basis.

“We have reviewed all of our security plans and are confident that Heathrow remains secure.

“We have also launched an internal investigation to understand how this happened and are taking steps to prevent a similar occurrence in future.”

News of this incident follows just days after Bad Rabbit ransomware struck Ukraine’s Odessa airport, among other targets.