Mostly it's your record locator and frequent flier number, but with that, an attacker can access the ticket record, see your future flights, your email address, and the details of the emergency contacts you'd added to the reservation.
With that info, you can cancel future flights and also get a lot of the info needed to do a PIN or password reset and take control of your account with the airline. Some airlines -- like United -- treat your frequent flier number itself as a secret authentication token, and this data can be read out of the barcode on the boarding-card.
“Besides his name, frequent flyer number and other [personally identifiable information], I was able to get his record locator (a.k.a. “record key” for the Lufthansa flight he was taking that day,” Cory said. “I then proceeded to Lufthansa’s website and using his last name (which was encoded in the barcode) and the record locator was able to get access to his entire account. Not only could I see this one flight, but I could see ANY future flights that were booked to his frequent flyer number from the Star Alliance.”
The access granted by Lufthansa’s site also included his friend’s phone number, and the name of the person who booked the flight. More worrisome, Cory now had the ability to view all future flights tied to that frequent flyer account, change seats for the ticketed passengers, and even cancel any future flights.
What’s in a Boarding Pass Barcode? A Lot
[Brian Krebs/Krebs on Security]
Personal information for more than 10 million former guests of MGM resorts has been posted on a hacking forum. Among the notable data breach victims: Twitter and Square CEO Jack Dorsey. The leaked data includes home addresses, and is said to only affect guests who stayed at the hotel chain’s properties before 2018.
There is very little evidence that Ring reduces crime. Hundreds of police departments have signed agreements with Amazon-owned Ring to obtain access to the home surveillance camera footage. Interviews with many of them, in 8 different states, show little to no evidence that Ring actually deters criminal activity.
Leaked images, many of them graphic nude photos, were from imaging firm NextMotion in France
With so many manufacturers out there these days, it’s tough to know who to trust in the ultra-competitive wireless earbuds market. If you’ve never heard of LinearFlux, you may soon. That’s because it’s a company with a stellar pedigree whose co-founders were two of the engineers behind the original success of two audio houses you […]
Two-thirds of American adults drink coffee every day. On average, they’re each drinking about three cups per day, which works out to nearly 400 million cups downed each and every day. We don’t have stats on what percentage of those cups are God awfully bad, but you have to assume with so many ways to […]
For those with a writing flair, the thought of building a career as a professional copywriter should probably have some appeal. Thankfully, it’s also an in-demand job skill with the average copywriter making a healthy $60,000 a year for their efforts. But even if you have a way with words, you still need the industry […]