Delta Airlines said Tuesday that a security vulnerability on its mobile boarding passes has been fixed without causing any “impact to flight safety.”
The boarding pass vulnerability was first found Monday by a BuzzFeed intern who also runs a site about technologists. In a post on Medium, Dani Grant detailed how she was able to access other passengers’ boarding passes simply by changing a single digit in her pass’ URL. She was also able to log in to Delta’s site as those other passengers, from which point she could’ve changed their seating assignments or accessed other details about them.
Grant was also able to access boarding passes belonging to non-Delta passengers, most likely because airlines share some technology that powers mobile boarding passes.
“After a possible issue with our mobile boarding passes was discovered late Monday, our IT teams quickly put a solution in place this morning to prevent it from occurring,” Delta spokesperson Paul Skrbec said Tuesday afternoon. Delta is still investigating the problem, but Skrbec’s statement added that Delta is “not aware of any compromised customer accounts.”
It’s unlikely that the flaw could have posed a threat to aviation safety. While Grant suggested on Twitter that it would have been possible to take advantage of the vulnerability for nefarious purposes, airport safety procedures should have prevented any security lapses.
- How to Help Victims of the Texas School Shooting
- TIME's 100 Most Influential People of 2022
- What the Buffalo Tragedy Has to Do With the Effort to Overturn Roe
- Column: The U.S. Failed Miserably on COVID-19. Canada Shows It Didn't Have to Be That Way
- N.Y. Will Soon Require Businesses to Post Salaries in Job Listings. Here's What Happened When Colorado Did It
- The 46 Most Anticipated Movies of Summer 2022
- ‘We Are in a Moment of Reckoning.’ Amanda Nguyen on Taking the Fight for Sexual Violence Survivors to the U.N.