These days it’s relatively simple to plan out a whole trip through a number of travel booking websites and aggregators. While this has certainly helped make one part of traveling less stressful, a new research from Security Research Labs (SR Labs) is shedding light on just how poorly the systems that they rely on are protected. The problem is not with the travel booking websites themselves, but with the fact that the three major global distribution systems (GDS) used to manage the majority of travel reservations — Amadeus, Sabre, and Travelport — reportedly lack any kind of secure authentication.
Speaking at the 33rd annual Chaos Communication Congress, the largest European computer security conference, researchers Karsten Nohl and Nemanja Nikodijevic demonstrated that with nothing more than your six-digit passenger name record (PNR), which is used globally to store flight reservations, a hacker could steal your airline miles, gain access to your personal information, cancel flights, and more.
Home
United States
USA — software Flight reservations can be easily hacked with a last name and PNR...