News, views and top stories in your inbox. Don't miss our must-read newsletter Sign up Thank you for subscribing We have more newsletters Show me See our privacy notice Invalid Email

Heathrow chiefs are reeling after a memory stick crammed with confidential information was found in the street – posing “a risk to national security”.

Britain’s biggest airport launched a “very, very urgent” investigation after the Sunday Mirror alerted them to the frightening security lapse.

The USB stick – containing 76 folders with maps, videos and ­documents – was not encrypted and did not require a password.

The man who found it plugged it into a library computer and was alarmed at what he saw. It revealed:

The exact route the Queen takes when using the airport and security measures used to protect her.

Files disclosing every type of ID needed – even those used by covert cops – to access restricted areas.

A timetable of patrols that was used to guard the site against suicide bombers and terror attacks.

Maps pinpointing CCTV cameras and a network of tunnels and escape shafts linked to the Heathrow Express.

Routes and safeguards for Cabinet ministers and foreign dignitaries.

Details of the ultrasound radar system used to scan runways and the perimeter fence.

The scare comes just weeks after Britain’s terror threat stood at critical following the Parsons Green Tube bomb bid. It is still at severe.

(Image: Getty)

The USB stick was found by a member of the public and handed to the Sunday Mirror.

A security source said: “In the wrong hands this would represent a profound threat in terms of terrorism or espionage.

"Aviation security is under the microscope because of the desire by terrorists to bring planes down in a spectacular fashion. Security services would not want this leaked or sold to hostile parties.”

Met Police detectives were liaising with airport chiefs to work out how the USB drive, with a massive 2.5GB of data, ended up in the street.

Airport insiders revealed they were trying to determine if there had been an “incompetent data breach” or if someone had been accessing files intentionally.

Police fear it may have been copied and circulated on the “dark web” – where terrorists and criminals buy information.

The level of detail could have taken years to compile and involve a number of different systems.

A police source said: “The fear is that this information could have been downloaded and disseminated God knows where.

(Image: Getty)

"The worry is it ends up on the dark web and used by bad guys to pick holes in airport security.”

A former counter-terrorism chief who specialises in airport security told the Sunday Mirror: “There are serious questions to be answered.

“Why was this sensitive material held on an unencrypted memory stick and taken off site? It’s a huge security breach and massively embarrassing for those in charge of security.

"Knowing certain aspects of this ­information may make it easier for potential attackers to avoid detection.

“And the cumulative impact of having so many documents, videos, maps and images all in one place represents a security risk.”

(Image: Getty)

The Sunday Mirror was contacted by an unemployed man who found the stick while on his way to the library to search the internet for work.

He spotted the memory stick among leaves on the pavement in Ilbert Street, in Queen’s Park, West London.

He said: “I was curious about what it contained so a few days later, when I went back to the library, I plugged it into the computer. All these files were there. I couldn’t believe it.”

There were at least 174 documents. Some were marked as “confidential” or “restricted” – but could still be read.

Maps laid bare details of the airport’s Royal Suite, used by the Queen, Cabinet members and foreign dignitaries.

(Image: Getty)

And there were photos of X-ray machines and ­scanning equipment used by Her Majesty.

The Royal Suite – which costs £2,800 to hire for a single flight – is hidden from view in Terminal 5 and guests are driven directly to it.

But the memory stick holds images of the route leading up to the suite and satellite images with the location of nearby checkpoints.

Details of screening processes in Windsor Suite – used by stars including singer Cheryl Tweedy – were also revealed.

Other files listed those “exempt from screening”, details of drivers ferrying VIP guests to the suite and radio codes in the case of an “aircraft hijacking”.

(Image: Getty)

Other maps showed where maintenance tunnels and escape shafts link the airport to the Heathrow Express train line.

Satellite images and operating manuals for the Doppler radar ­surveillance system were also stored.

An expert who helped us examine the memory stick said the ­information may help facilitate an attack if it fell in the wrong hands.

He said: “Knowing this information would cut down on surveillance and could potentially make access easier.

“Security chiefs will be working hard to ensure there is no physical threat as a result of this breach and changing processes if necessary.

(Image: Terence Marsden)

"It is not helpful – certainly not best practice – to have maps and drawings of one of the UK’s biggest airports left in the street.

“It is serving up intelligence on a plate to people. It’s hugely embarrassing and should not have happened.

"In the wrong hands it could ­potentially be very helpful and would save them a lot of time in planning an attack.”

The Sunday Mirror has passed the file to Heathrow intelligence chiefs. The man who found it has been interviewed by airport security chiefs.

Insiders admitted it sparked a “very, very urgent” probe and that it posed “a risk to national security”.

(Image: Daily Mirror)

One document highlighted recent terror attacks to illustrate the type of threat Heathrow could face.

It referenced the Leytonstone Tube stabbing in 2015, the Tunisia beach massacre which claimed the lives of 30 British tourists the same year and the 2016 bombing in Istanbul’s Atatürk international airport.

And the memory stick was found just days after US intelligence warned Islamic State jihadists and al-Qaeda are planning more mass-casualty attacks on the scale of the 9/11 hijackings.

Last year terrorists threatened to bring down a US-bound plane flying out of Heathrow during Independence Day celebrations.

Meanwhile, US court papers last year revealed an al-Qaeda leader personally trained a former McDonald’s worker in bomb-making techniques to carry out a suicide attack in the arrivals hall at Heathrow – instructing him to target passengers from the US and Israel.

(Image: Oriol Salvador/Flickr)

And earlier this month MI5’s Director General Andrew Parker said the current terrorism threat was the worst in his 34-year career.

He described it as “multidimensional, evolving rapidly and operating at a scale and pace we have not seen before”.

Keeping Heathrow safe – with four passenger terminals and one for cargo – is a mighty task. More than 80 airlines fly 75 million passengers a year to 185 destinations in 84 countries.

A spokesman for the airport said: “Heathrow’s top priority is the safety and security of our passengers and colleagues.

"The UK and Heathrow have some of the most robust aviation ­security measures in the world and we remain vigilant to evolving threats by updating our procedures on a daily basis.

“We have reviewed all of our security plans and are confident that Heathrow remains secure.

(Image: PA)

“We have also launched an internal investigation to understand how this happened and are taking steps to prevent a similar occurrence in future."

An alarming breach that could hurt the UK

By Chris Hughes, Defence editor

The implications for a trove of information on airport security falling into the wrong hands are extremely serious and terrifying.

Islamic State is known to be pursuing a “spectacular” to match the 9/11 attacks.

Codes, maps, routes used by royals and emergency procedures would be of huge, perhaps inestimable, value to a terror cell.

Crucially, investigators will want to know how and why someone was able to get the information on to a USB stick. And worse, get it out of their workplace – then apparently lose it.

It is deeply alarming. That it should happen at a time of such a heightened terror threat may show security procedures and controls are not as nailed down as we had all hoped.

But there is another profoundly alarming aspect to this. Repeated attempts to disrupt Britain’s infrastructure have been made in recent years – by North Korea, among others.

This sort of information could be of great value to a hostile foreign intelligence agency. It could be used to merely expose weaknesses, costing Britain a fortune to resolve.

Or for a more sinister result if open hostility grew towards the UK.