Technology content trusted in North America and globally since 1999
8,164 Reviews & Articles | 61,676 News Posts

US Airline Delta flaw let passengers access others boarding passes

Delta Airlines' online portal glitch saw users have the ability to view, edit and use other passengers boarding passes
By: Chris Smith | Internet & Websites News | Posted: Dec 17, 2014 11:03 am

Hackers of New York recently found a vulnerability in Delta's online portal, which allowed other passengers to view or alter other users boarding passes without knowledge or permission of the original owner.




Described as a direct object reference vulnerability, this issue saw Dani Grant from Hackers of New York contact Delta for an explanation. However they only received an apology for an "unfortunate online experience" with Delta choosing not to comment on any flaw that may have, or current does, exist.


In this correspondence with Grant, Delta commented that they "certainly understand how insecure you must have felt due to the unpleasant incident you experienced while trying to view and print boarding pass [sic] form our website". This information saw iTnews also contact the major airline, with the airline reportedly implementing a quick fix soon after being told of this issue.


People have altered and created boarding passes in the past, with Chris Soghoian being pinned by the FBI in 2006 for doing exactly the same thing. He even created a boarding pass with the name "Osama bin Laden" on Northwest Airlines just to prove its possibility.




Related Tags

Got an opinion on this news? Post a comment below!