Dec 282016
 
 December 28, 2016  Breaches, Business

Eric Auchard reports:

Major travel booking systems lack a proper way to authenticate air travelers, making it easy to hack the short code used on many boarding passes to alter flight details or steal sensitive personal data, security researchers warned on Tuesday.

Passenger Name Records (PNR) are used to store reservations with links to a traveler’s name, travel dates, itinerary, ticket details, phone and email contacts, travel agent, credit card numbers, seat number and baggage information.

The six-digit codes act as pincodes for locating travel records, albeit with vital differences that make them highly insecure compared with even the simple usernames and passwords that consumers use to access email or websites, the researchers said.

Read more on Reuters.

Sorry, the comment form is closed at this time.