Skip to main content
  1. Home
  2. Mobile
  3. News

Nasty little Delta Airlines security flaw lets you use someone else’s boarding pass (updated)

By

Updated on 12-17-2014 by Williams Pelegrin: Delta sent us a statement on the matter, saying the bug was squashed as of this morning. You can read Delta’s statement in the updated post below.

The holidays are a hectic time for airlines and airports, as they try to deal with the large influx of people visiting loved ones. The last thing anyone wants happening is some sort of security glitch that will ruin their holiday, and that’s precisely what happened with Delta Airlines’ nasty little glitch that lets you access someone else’s boarding pass.

Recommended Videos

Discovered by BuzzFeed ad product intern and the founder of Hackers of NY Dani Grant, the glitch presents you with someone else’s boarding pass when you change the URL of your boarding pass. What’s worse is that even if the person is on a different airline, the glitch still affects them equally. With the boarding pass, not only can you check in on them, but you can also change their seat.

Grant alerted Delta to the flaw, but the airline gave a rather unsatisfying response:

Delta response
Image used with permission by copyright holder

While the easiest counter to such a flaw is for airports to conduct thorough identity checks, there’s no guarantee that every airport will do such a thing, especially when dealing with the large number of people flying out for the holidays. In addition, such a solution would put the onus solely on the airports when it was Delta’s security flaw to begin with. Hopefully, the airline can remedy the glitch before it has irate customers on its hands.

Thankfully, however, Delta squashed the bug in its place. “Security is a top priority for Delta, and we employ multiple levels of it throughout the travel process,” reads the airline’s statement. “After a possible issue with our mobile boarding passes was discovered late Monday, our IT teams quickly put a solution in place this morning to prevent it from occurring. As our overall investigation of this issue continues, there has been no impact to flight safety, and at this time we are not aware of any compromised customer accounts.”

“We routinely monitor and perform analysis of data to ensure privacy for our customers. We apologize for any concern this may have caused.”

Editors’ Recommendations

Topics
Williams Pelegrin
Williams Pelegrin
Former Digital Trends Contributor
Williams is an avid New York Yankees fan, speaks Spanish, resides in Colorado, and has an affinity for Frosted Flakes. Send…
Why I love the Kindle Scribe, and it’s not for reading or taking notes
A person using the Amazon Kindle Scribe and its stylus.

I really wanted to try an e-reader with a bigger screen, and leapt at the chance to spend time with the latest Amazon Kindle Scribe with its 10.2-inch e-paper screen. However, it wasn’t what I expected, and when I started to take notes using the stylus, it highlighted something I've known for a while: I'm terrible at physically writing anything anymore. It then prompted me to do something about it.
Lots of writing

Almost every word I share these days is typed, and has been that way for years and years. Every message, every form, every article, and every note is created digitally. If I write a word with a pen against paper, its in a greeting card, or something mundane like writing my name or address. Even then, it’s an effort not to write only in block capitals, because my cursive text is reduced to a barely legible scribble as my speed increases.

Read more
Instagram is ramping up AI-powered age detection on teen users
The Foto and Instagram app on an Android phone.

The days of teenagers lying about their age on Instagram are over. Meta has announced that they're using AI-powered age detection technology to enroll teens suspected of misrepresenting their age to a restricted Teen Account.

Instagram's parent company announced the AI-driven crackdown on teen Instagram users in a blog post on Monday, saying that it's leveraging its AI, which it has been using to detect the age ranges of many of its users for some time, to detect accounts it suspects belong to teenagers who lied about their age to bypass safeguards, even if they have an adult birthday listed. Instagram said it is taking steps to ensure the AI is accurate and will correctly place teen users into Teen Accounts, but will give users an option to change their settings if their account has been placed into a Teen Account by mistake.

Read more
This luxury Tag Heuer smartwatch has a $900 discount right now
The Tag Heuer Connected Calibre E4 in black with a Jomashop watermark.

There's been a longstanding thought process that says you can either have luxury or smarts. And we're not talking about life, but rather in watches. Smart watches are seen as a luxury but not luxurious. Old school watches are seen as smartly designed, but not "smart." The rising hybrid watch trend, however, shows that there is a lot of demand for luxurious smart watches.

Tag Heuer's Connected Calibre E4 isn't quite a hybrid, but it is most certainly of the luxury variety. Today, however, it has been marked down in price. By a lot. Tap the button below to see the Tag Heuer Connected Calibre E4 at a price of $1,450. That's $900 less than its retail of $2,350 and a discount of 38%.

Read more