Delta Airlines said Tuesday that a security vulnerability on its mobile boarding passes has been fixed without causing any “impact to flight safety.”
The boarding pass vulnerability was first found Monday by a BuzzFeed intern who also runs a site about technologists. In a post on Medium, Dani Grant detailed how she was able to access other passengers’ boarding passes simply by changing a single digit in her pass’ URL. She was also able to log in to Delta’s site as those other passengers, from which point she could’ve changed their seating assignments or accessed other details about them.
Grant was also able to access boarding passes belonging to non-Delta passengers, most likely because airlines share some technology that powers mobile boarding passes.
“After a possible issue with our mobile boarding passes was discovered late Monday, our IT teams quickly put a solution in place this morning to prevent it from occurring,” Delta spokesperson Paul Skrbec said Tuesday afternoon. Delta is still investigating the problem, but Skrbec’s statement added that Delta is “not aware of any compromised customer accounts.”
It’s unlikely that the flaw could have posed a threat to aviation safety. While Grant suggested on Twitter that it would have been possible to take advantage of the vulnerability for nefarious purposes, airport safety procedures should have prevented any security lapses.
More Must-Reads from TIME
- Donald Trump Is TIME's 2024 Person of the Year
- Why We Chose Trump as Person of the Year
- Is Intermittent Fasting Good or Bad for You?
- The 100 Must-Read Books of 2024
- The 20 Best Christmas TV Episodes
- Column: If Optimism Feels Ridiculous Now, Try Hope
- The Future of Climate Action Is Trade Policy
- Merle Bombardieri Is Helping People Make the Baby Decision
Contact us at letters@time.com