TSA issues new warning for airport travelers

With the busy summer travel season underway, the Transportation Security Administration (TSA) is warning globetrotters about the dangers of using USB chargers at airports.
According to a Facebook post from TSA, travelers should avoid charging electronic devices via the USB ports that are now commonplace at airports around the country and the world because of the potential malware the ports may contain.
According to TSA's advisory on Facebook: 'Hackers can install malware at USB ports.' The advisory goes to state that 'when you're at an airport do not plug your phone directly into a USB port. Bring your TSA-compliant power brick or battery pack and plug in there.'
The same Facebook advisory also contains a warning from the government agency about free public WiFi available at most airports. Here too, the concern is that hackers can access your personal information unbeknownst to you, the traveler.
The TSA Facebook post states: 'Don't use free public WiFi, especially if you're planning to make any online purchases.'
The post goes on to warn 'Do not ever enter any sensitive info while using unsecure WiFi.'
Meanwhile, privacy experts have been busy issuing warnings of their own. Travis LeBlanc, a lawyer and former member of the Privacy and Civil Liberties Oversight Board, recently told The Mirror that travelers would be wise to opt out of the facial recognition technology that the TSA has begun using at U.S. airport security checkpoints over the past year or more.
'You don't have to submit your picture to the government for the government to scan it and store it under their rules,' LeBlanc, The Mirror reported.
Separately, privacy and data policy expert Jennifer King told the publication: 'I'm sure that the dream of enforcement agencies would be to be able to track people in real time based on something like facial recognition.' However, according to King, TSA has been 'a little vague' about what they plan to do with the photo data now being collected.
TSA meanwhile, has said that any data collected is not used for surveillance. Additionally, the data is not stored.
A TSA agent previously told the HuffPost that: 'Photos are not stored or saved after a positive ID match has been made, except in a limited testing environment for evaluation of the technology's effectiveness. A real-time picture simply means that an image is taken at the kiosk and that 'live' photograph is matched against the image on the identification credential.'
_________
Copyright (C) 2025, Tribune Content Agency, LLC. Portions copyrighted by the respective providers.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

New York Post

3 hours ago

• New York Post

Summer travel forecast to shatter records for Fourth Of July — here's how many Americans will be on the move

There's going to be a real tournami. The American Automobile Association predicts that a record number of Americans will travel across the country over the July 4th holiday week from Saturday, June 28 to Sunday, July 6. During that period, 72.2 million people will reportedly journey at least 50 miles from home — an increase of 1.7 million travelers compared to last year and 7 million more than in 2019, per the forecast. 'Following Memorial Day's record forecast, AAA is seeing strong demand for road trips and air travel over Independence Day week,' said Stacey Barber, Vice President of AAA Travel. 'The top 10 heaviest travel days in TSA history have all happened within the past year, and we expect to see more heavy volumes this summer,' said Kristie Jordan Smith, a TSA official at Dallas Fort Worth International Airport (DFW) milanmarkovic78 – Indeed, a record 62 million travelers will be commuting by car over Independence Day weekend, marking an uptick of 1.3 million from last year. Meanwhile, the number of air travelers is also 'projected to set a new record,' per the autoclub, which expects that 5.84 million travelers will jet to their destinations — 8% of all July 4 travelers. That marks a 1.4% increase over the previous record of 5.76 million during Independence Day week of last year. Coney Island beach in New York, which is the third biggest July 4 destination this year, according to AAA booking data. Stock fresh – According to AAA booking data for the July 4 travel period, the top three domestic destinations are Orlando (FL), Seattle (WA), New York, (NY) while internationally the most US travelers are flocking to Vancouver (Canada), Rome (Italy) and Paris (France). 'Cruises, beaches, and fireworks are the main motivators for travelers heading to these cities,' AAA writes. 'Alaska cruises are in peak season, Florida and Hawaii are in high demand for their resorts and attractions, and New York and Boston host two of the most popular fireworks shows in the nation.' AAA spokesperson Aixa Diaz claimed that the expected travel surge is as much an 'emotional decision' as it is a practical or economic one. 'People don't have to spend a lot of money when they go on these trips, but people want to get away and not be home,' she said. The Transportation Security Administration is bracing for the tournami. 'The top 10 heaviest travel days in TSA history have all happened within the past year, and we expect to see more heavy volumes this summer,' said Kristie Jordan Smith, a TSA official at Dallas Fort Worth International Airport (DFW), CBS reported. Airport officials are hoping to curb the congestion by implementing facial recognition technology. Customs officials claim that wait times are already down 25% thanks to this expeditious tech, which is now operational at nine flight hubs across the country.

Gizmodo

5 hours ago

• Gizmodo

What We Know So Far About the Supposed ‘Mother of All Data Breaches'

Data breaches are so common these days that, when a new one gets announced, most web users can do little more than yawn and mutter something like 'Yeah, no shit' before scrolling up to the next story in their newsfeed. This week, however, a breach was announced that was allegedly so earth-shatteringly huge that it managed to break through the internet's wall of collective cynicism. Dubbed the 'Mother of All Data Breaches,' the breach is said to involve some 16 billion user credentials, and impact a vast number of accounts on platforms like Facebook, Google, and Apple. The breach was initially reported by Cyber News, a site that focuses on web security, and was written by the site's deputy editor and researcher, Vilius Petkauskas. The story, published Wednesday, claims that the breach represents 'one of the largest data breaches in history.' Petkauskas's article describes the discovered breach as 'a plethora of supermassive datasets, housing billions upon billions of login credentials' that have been sourced from 'social media and corporate platforms to VPNs and developer portals.' This data is sourced from '30 exposed datasets' that researchers say contains 'tens of millions to over 3.5 billion records each.' Researchers say they were able to discover the exposed datasets due to insecure online protections, though they say the exposure was too short-lived for them to figure out who was 'controlling' the data. 'This is not just a leak – it's a blueprint for mass exploitation,' said researchers interviewed by the site. 'With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing.' Cyber News's story was picked up by a number of mainstream outlets, including Forbes and Axios. However, no sooner had the news begun to circulate the internet than security professionals began to call the article's claims into question. According to critics, Cyber News isn't wrong per se about the number of credentials that have been exposed—and that's horrifying enough news on its own. However, some watchers maintain that this isn't a new breach (nor is it really a breach in the traditional sense), it's just data from a bunch of old breaches that have been stapled together and posted online. 'To be clear, this is not a new data breach, or a breach at all, and the websites involved were not recently compromised to steal these credentials,' writes Bleeping Computer. Meanwhile, vx-underground, an informational website that posts about malware samples found around the web, tweeted about the story, characterizing it as a 'fear mongering 16,000,000,000 password repackage password leak thingy which scared the normies and spread misinformation.' Unfortunately, large breaches happen all the time and, due to the way that the cybercriminal underworld is structured around the sharing of stolen data, data from many of these breaches is traded and re-traded across websites. Sometimes, collectors of that information will compile very large dossiers of those breaches and post it as something new—which is what researchers are claiming happened here. That said, Cyber News's story seems to contradict the claims being made by security researchers somewhat. It says that the data that has been uncovered is 'recent' and 'not merely recycled from old breaches.' The Cyber News story also now includes a disclaimer that says: 'This story, based on unique Cybernews findings and originally published on the website on June 18, is constantly being updated with clarifications and additional information in response to public discourse.' Gizmodo reached out to Cyber News for comment. The breach is still interesting for how it highlights the danger of one particular tool in the dark web cretin's toolkit, which is a malware appropriately known as the 'infostealer.' The infostealer—just as it sounds—is software that, once having infected a device, will suck out login credentials that have been saved in the computer's browser. A very effective tool, cybercriminals can use the automated tools to swiftly compile large lists of personal information that can be used for compromise operations down the road. Regardless of whether this involves freshly leaked credentials or not, it might be a good time to freshen up your logins. Hackers' jobs are getting easier by the day.

Travel + Leisure

8 hours ago

• Travel + Leisure

The TSA Warns Against 'Juice Jacking' at the Airport—Here's How to Protect Yourself

When was the last time you used a USB charging station at the airport? According to the Transportation Security Administration, you should think twice before charging your phone at one of those stations. "Hackers can install malware at USB ports (we've been told that's called 'juice/port jacking')," the TSA recently advised travelers on Facebook. "So, when you're at an airport, do not plug your phone directly into a USB port. Bring your TSA-compliant power brick or battery pack and plug in there." The warning has sparked fresh concern about "juice jacking," a cyberattack where criminals install malware on public charging stations to steal data from connected devices. But how real is this threat for everyday travelers? We asked a few experts. A person using their tablet. Margot Cavin/Travel + Leisure According to Calum Baird, a digital forensics expert, juice jacking is more theoretical than anything else. Despite the alarming warnings circulating online, Baird says he hasn't encountered any actual cases in his professional experience. "I see it pop up online every now and then, but most, if not all, modern smartphones now require confirmation prior to data transfer via USB," Baird says. Baird notes that even if travelers encounter compromised charging stations, most modern devices have built-in protections. Baird's personal experiences are also backed by the Federal Communications Commission, and on its website, the organization states that although it is technically possible, the FCC is not aware of any confirmed cases of juice jacking. Plugging into a USB charging port. Danny Jenkins, cofounder and CEO of ThreatLocker, offers another perspective on what travelers should actually worry about, and points to an unexpected source: deceptive USB-C cables. "Shady USB-C cables likely pose the greater risk, partly because the dangers of public charging ports are more widely known," he says. Jenkins says that people have become more aware of the dangers associated with public charging stations, so they're more cautious about using them. However, many travelers don't think twice about buying a cheap charging cable from a questionable vendor at an airport shop or online marketplace, making these cables a more successful point of attack. "Attackers are always searching for new exploits," he says. "While upcoming measures may mitigate issues related to juice jacking, vulnerabilities could still emerge as attackers gain access to new USB technologies and attempt to bypass these protections." A person plugging in a phone. Margot Cavin/Travel + Leisure While it's hard to find reports of actual juice jacking cases, it's always a good idea to take extra precautions, just in case. Jenkins says that portable battery packs can help mitigate the chances of a juice-jacking attack. If you don't have any other options aside from a public charging station, Jenkins recommends checking for signs of tampering on the USB port area. Baird says to check your phone as you plug it in. 'If it's asking you to trust a device you've connected to, decline,' he says. 'It doesn't need data transfer to charge.' While juice jacking remains largely theoretical, the TSA's cautious approach makes sense given the high-traffic nature of airports and the valuable data stored on travelers' devices. However, modern smartphones have built-in protections, and a few simple precautions can drastically eliminate any risk. Instead of avoiding public charging entirely, travelers can stay safe by bringing their own charging equipment, paying attention to device prompts, and being selective about where they source cables and adapters. After all, a dead phone battery poses a more immediate risk than juice jacking for most travelers.