A Flaw Found in E-Ticketing Systems Used By at Least Eight Airlines Could Be Exploited To Access Sensitive Information About Travelers (betanews.com) 15
Eight airlines, including Southwest, use e-ticketing systems that could allow hackers to access sensitive information about travelers merely by intercepting emails, according to research published Wednesday by the mobile security company Wandera. From a news writeup: Researchers at security and data management company Wandera have uncovered a vulnerability affecting a number of e-ticketing systems that could allow third parties to view, and in some cases even change, a user's flight booking details, or print their boarding passes. The problem affects a number of major airlines including Southwest, Air France, KLM and Thomas Cook.
All of these have sent unencrypted check-in links to passengers. On clicking these links, a passenger is directed to a site where they are logged in automatically to the check-in for their flight, and in some cases they can then make changes to their booking.
All of these have sent unencrypted check-in links to passengers. On clicking these links, a passenger is directed to a site where they are logged in automatically to the check-in for their flight, and in some cases they can then make changes to their booking.
That's true for many services... (Score:4, Insightful)
Not close to the biggest issue. (Score:2, Informative)
If someone has hacked into my e-mail, you think the fact that they can access my boarding pass for an upcoming flight is the biggest issue?
Sure, this person can potentially print my boarding pass or cancel my flight (by the way, there are WAY bigger vulnerabilities that allow this too that are known in the industry). Annoying, but not life threatening. They can see my real name (which, if they have my e-mail, they already know). They can SORT OF change flight info, but in general airlines prevent changin
Oy vey! (Score:2)
Re: (Score:2)
How, exactly, does this affect 'security in transportation'?