Transport

Online Booking System Flaw Affects 141 Airlines

15 - 22 January 2019

The Amadeus ticket booking system contains a vulnerability that allows anyone to access and change private information on flight bookings.
Cyber_News_Transport
The Amadeus ticket booking system contains a vulnerability that allows anyone to access and change private information on flight bookings. The ticketing system is used by 141 international airlines, which represents about 44% of the global online reservation market. The booking system exposes the Passenger Name Record (PNR), which provides access to the passengers' names and associated flight details. Using the PNR code, a user can login to the customer portal to change or cancel flight reservation, claim frequent flyer miles, assign seats and meals, and update customer's email and phone number. Amadeus has since rectified the flaw in its online reservation system after being notified. 

References:
[1] Major Security Breach Discovered Affecting Nearly Half of All Airline Travelers Worldwide
 
 
 
 
 
 
 

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence