1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Almost half of all international airlines were affected by a ticket booking security vulnerability

By William Gayde · 4 replies
Jan 16, 2019
Post New Reply
  1. The vulnerability was discovered by Noam Rotem with the Safety Detective Research Lab and affects 44% or 141 different international airlines. It is related to the Passenger Name Record (PNR) system which is an identifier given to each passenger on a flight.

    By updating a specific element of the ticket booking webpage, RULE_SOURCE_1_ID, Rotem was able to view the customer name and flight details for any PNR he entered into Amadeus. Once he had a PNR and name pair, he could log into any of the affected airline's portals and potentially wreak havoc.

    While this isn't a threat to safety or financial data, it could easily have been used to ruin many peoples' days. Hackers could steal frequent flyer miles, impersonate users to cancel their flights, move seats, and change meal plans.

    The page Rotem gained access to where he could change flight details of any passenger

    This breach does require knowledge of the PNR codes beforehand, but customers and airlines don't exactly do a great job of protecting them. They are sent by the airline to the user unencrypted making them vulnerable to man-in-the-middle attacks. Many customers also post pictures of their boarding passes online to social media which also exposes this information.

    To make matters worse, Rotem also discovered that the system had no brute-force protections in place. He wrote a simple script that generated randomized PNRs and was able to access many customer accounts successfully.

    Rotem has since contacted EL AL, the Israeli airline he was flying with when he initially discovered the issue. It was then passed along to the Amadeus security team which has since patched the hole.

    Amadeus has since issued the following statement:

    “At Amadeus, we give security the highest priority and are constantly monitoring and updating our systems. Our technical teams took immediate action and we can now confirm that the issue is solved. To further strengthen security, we have added a Recovery PTR to prevent a malicious user from accessing travelers’ personal information. We regret any inconvenience this situation might have caused.”

    Rotem further suggested they introduce captchas to prevent brute-force attacks, passwords to replace the 6-digit PNRs, and bot protection mechanisms.

    Permalink to story.

  2. Uncle Al

    Uncle Al TS Evangelist Posts: 5,677   +4,024

    Just another good reason that I no longer fly. If I can't drive there, I'm not going!
    GirlDownunder likes this.
  3. Plutoisaplanet

    Plutoisaplanet TS Booster Posts: 107   +82

    Why not swim there??
  4. GirlDownunder

    GirlDownunder TS Booster Posts: 114   +35

    I'd love to take a cruise, outer cabin w/balcony. Some day..........
  5. Uncle Al

    Uncle Al TS Evangelist Posts: 5,677   +4,024

    Only if they have a bidet on board .... I can't do without my creature comforts!!!

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...