Nice! The Clear database was on a laptop that was stolen at SFO.

What a great database breach to shed light on this implied-security-related-but-really-not revenue opportunity known as Clear. I guess I am chuckling about this, but as I don’t know what is contained in that data set, I do not know how dangerous this leak is to the members who signed up for it.

Since this really does not have much to do with security or official identity, is it really a crime if you create a fake version of this Clear card to cut to the front of the line? Is it any different than faking a “sandwich of the month” card? Will UAL jackboots drag me off for interrogation? I will probably find some cabbie in Orlando selling them for $20 next week. Too bad, as I am on my way to the airport for Black Hat now.

If anyone out there is part of this program, would you be kind enough to share the letter you recieve from Verified Identity Pass? I am curious to see what they have to say and how they respond to the issue.

Update 3:00pm: CBS has updated the article … seems the laptop was found.

Share: