Norfolk

Norwich International Airport website hacked

Norwich Airport
Image caption The hacker told the BBC he wanted to highlight the vulnerability of airport website

A hacker has breached the security of Norwich International Airport's website.

Using a pseudonym of His Royal Gingerness (HRG), the hacker told the BBC he wanted to highlight the website's "vulnerability".

As well as getting into the site, he obtained names and email addresses from a database.

The airport said it was aware that its website was hacked a month ago and confirmed changes were being made.

Richard Pace, the airport's general manager, stressed that physical security had not been compromised.

Image caption The hacker claimed a friend had been planning to hack the website and "post bomb threats

The details accessed by the hacker were of people registered on the website's media centre, and no commercial or operationally sensitive data was obtained, he said.

Mr Pace said the hacker accessed a "standalone website which did not compromise operational systems".

HRG, who asked not to be identified because of fears of prosecution, said he hacked the site "to see if I could".

"I found I could do it and then contacted the airport to let them know," he said.

"After a month they sent a message back saying they'd made changes and it had been sorted. I went to check it and it was exactly the same.

"It took me between two to three minutes to do this. I do this mostly to see what vulnerability there are in modern systems."

A spokeswoman for the Information Commissioner said the office had not yet received a referral about a data breach.

She said there was no legal obligation under the Data Protection Act to report breaches of security, although "we believe that serious breaches should be reported".

Following a review, Mr Pace said the airport believed the "volume requirement and the sensitivity requirement" to report the breach to the Information Commissioner was not met.

More on this story

Related Internet links

The BBC is not responsible for the content of external Internet sites