A recent report has revealed a critical security incident within the global shipping industry, shedding light on the vulnerabilities that can arise in even the most essential tech systems. Bluspark Global, a key U.S. shipping tech company, inadvertently exposed its shipping systems and customer data to the web due to a series of unaddressed vulnerabilities. This revelation comes as cyber threats in the shipping sector are escalating, with hackers targeting logistics companies to divert goods into the hands of criminals.
Bluspark’s platform, Bluvoyix, utilized plaintext passwords, leaving sensitive information, including customer shipment records dating back decades, accessible to anyone online. The company, responsible for facilitating freight shipments for major retailers and manufacturers globally, faced criticism for the lack of robust cybersecurity measures in place.
Security researcher Eaton Zveare, who identified the flaws in Bluspark’s systems, highlighted the challenges in promptly addressing these issues due to the company’s inadequate communication channels. Despite Bluspark’s efforts to rectify the vulnerabilities by fixing five critical flaws, the incident underscores the urgent need for heightened security protocols across the shipping tech landscape.
Source: TechCrunch