Computerworld - Kingston Technology Co. is recalling certain models of its DataTraveler secure USB flash drives in order to update firmware on the drives after a security company found a flaw that could allow a hacker to gain access to a user's password.
On its Web site, Fountain Valley, Calif.-based Kingston stated that "a skilled person with the proper tools and physical access to the drives may be able to gain unauthorized access to data contained on" some of its USB drives.
According to Kingston, the security flaw involves the way the drives process passwords. German security company SySS GmbH apparently created a script that revealed the password authentication method.
A Kingston spokesperson said the company would not comment on any specifics surrounding the security flaw, because "anything we say [could give] other hackers fuel and clues" as to how to break into the drive's security features.
The affected models include the DataTraveler BlackBox, DataTraveler Secure–Privacy Edition, and DataTraveler Elite–Privacy Edition.
Currently, owners of the drives are being directed to
Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure, and health care IT for Computerworld. Follow Lucas on Twitter at 
@lucasmearian, send e-mail to lmearian@computerworld.com or subscribe to Lucas' RSS feed 
.
Read more about Data Storage in Computerworld's Data Storage Topic Center.
Free Insider GuideCopyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
