Skip to main content
  1. Home
  2. Computing
  3. News

A flaw in e-ticket systems could mean a hacker can print your boarding pass

Arif Bacchus
By
best flight tracking apps
Trevor Mogg

Security researchers at the firm Wandera have exposed a vulnerability in the e-ticking system used by several popular global airlines. The vulnerability was discovered in December and involves unsecured check-in emails that can put the personal information of passengers at risk or even allow a hacker to print boarding passes.

Though there is no evidence that currently supports a major data breach, eight airlines including Southwest, Air France, KLM, Vueling, Jetstar, Thomas Cook, Transavia, and Air Europa are impacted by this vulnerability. According to Wandera, these airliners are sending unencrypted check-in links, which otherwise automatically log passengers into a website to check flight status and print boarding passes. That can allow a hacker who is sharing the same Wi-Fi network as a passenger to intercept the link and gain access to the same information.

Recommended Videos

Several types of personally identifiable information can be accessed through this vulnerability, including passport information, seat assignments, first and last names and baggage selections. However, the type of information that can be stolen depends on each airline e-ticking system. In some cases, hackers can still leverage this information to their advantage to change an itinerary. That includes the ability to add or remove extra bags, change seating arrangements, or alter both the mobile phone number or email associated with a booking.

Related

“Our threat research team observed that travel-related passenger details were being sent without encryption as one of our secured customers accessed the e-ticketing system of one of the airlines mentioned above. It was at that time that Wandera notified the airline and began further research,” Wandera said.

The vulnerability was shared the appropriate government agencies as well as with the airlines. A period of four weeks is given for the vulnerability to be fixed before it was made public. As a solution, Wandera recommends for airlines to adopt strong encryption methods, require user authentication, and use one-time tokens for links in emails.

This would not be the first time that airliners have faced scrutiny relating to its cybersecurity practices. Though more severe, a British Airways data hack in 2018 impacted more than 380,000 passengers after its computer systems were breached. A separate instance with Cathay Pacific also impacted up to 10 million of its customers in 2018.

Editors' Recommendations

Topics
Arif Bacchus
Arif Bacchus
Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
This HP Pavilion desktop PC had its price cut from $700 to $440
HP PC connected to a monitor.

HP is one of the most reliable sources for dependable desktop PCs at affordable prices. Take this as an example -- the HP Pavilion Desktop TP01, originally priced at $700, is currently available for just $440 following a $260 discount. With a configuration that's more than enough for the usual tasks that you'll do for work or school, this is one of the most attractive desktop computer deals that we've seen in a while. We're not sure how long this offer will remain online though, so you'll have to complete the purchase as soon as possible if you don't want to miss out.

Why you should buy the HP Pavilion Desktop TP01
Let's get it out of the way -- the HP Pavilion Desktop TP01 isn't going to be as powerful as the top-of-the-line models of the best desktop computers. However, with its AMD Ryzen 3 5300G processor, integrated AMD Radeon Graphics, and 8GB of RAM, it's going to be more than enough to handle activities such as doing online research, making reports, and creating presentations. The desktop PC excels in its storage capabilities though, as it's got a 256GB SSD for its primary storage where Windows 11 Home is pre-installed and a 1TB HDD for its secondary storage. That's a lot of space for your files!

Read more
This Lenovo 2-in-1 laptop is discounted from $3,409 to $799
Lenovo ThinkPad X1 Yoga Gen 7 front angled view showing display.

If you skip past Lenovo's somewhat disingenuously high estimated value system, there are generally some great laptop deals to check out at the site. Right now, you can buy the Lenovo ThinkPad X1 Yoga for $799. Lenovo reckons that's reduced from $3,409 which seems excessively high and unlikely to us, but we do know that $799 is a pretty sweet deal for this laptop. If you're keen to know more, keep reading while we take you through what to expect from it. Don't forget to hit the buy button if it sounds like the one for you.

Why you should buy the Lenovo ThinkPad X1 Yoga
Lenovo ThinkPad X1 Yoga Gen 7 Mark Coppock / Digital Trends

Read more
Quick — This 32-inch 4K monitor just had its price slashed by 21%
The 27-inch Dell S2721QS 4K monitor on a table.

Dell often has some great monitor deals and the firm has certainly excelled itself with an offer on the Dell 32-inch SE3223Q 4K monitor. Usually priced at $380, it's down to $300 for a limited time only. A fantastic price for a 4K monitor, you might already know to hit the buy button below but if you need some more guidance, keep reading while we explain what it offers.

Why you should buy the Dell 32-inch SE3223Q 4K monitor
Dell makes some of the best 4K monitors around with the Dell 32-inch SE3223Q 4K monitor reflecting many of those qualities. It offers 99% sRGB on its VA panel with 1.07 billion colors overall. There's also the aforementioned 4K resolution of 3840 x 2160 wide viewing angles and an anti-glare surface. It also has a response time of as little as 4ms gray-to-gray extreme and AMD FreeSync support. While the response rate isn't perfect for a gaming setup, it's fine for some light gaming with AMD FreeSync ensuring you get smooth browsing while you work.

Read more