Airline E-ticketing vulnerability exposes passenger PII

Traveling can be stressful enough without worrying about your personal information being leaked when you use your e-ticket. Created to make airline travel for customers more streamlined, some airline e-ticket systems’ can expose customer Personally Identifiable Information (PII) via unencrypted check-in links that hackers can easily intercept.

In December, it was discovered that several airlines’ e-ticketing systems were vulnerable, including Southwest, Air France, KLM, Vueling, Jetstar, Thomas Cook, Transavia, and Air Europa.

When passengers clicked the unencrypted link to make changes to their booking before printing their boarding passes, hackers were able to intercept the link request and gain access to the passenger’s information, including names, email addresses, passport numbers, seat assignments, and debit/credit card details.

This is just one more reason organizations need to close the cyber gaps of securing and classifying their sensitive data when working with third parties, and thoroughly vetting those partners in order to keep customers’ data from being exposed.

Spirion encourages its customers to establish new data privacy compliance and transparency levels when integrating with third parties. In the case of the airlines above, this would have mitigated their passengers’ sensitive data risk by providing safeguards directly to the data, giving them complete visibility of malicious activities and the ability to take swift action in near real-time.

By incorporating rapid data discovery, automated classification, management and alerts into a single workflow Spirion helps you protect high-value data from internet, network and cloud environment intrusions — without false positives. The Spyglass Executive Dashboard provides you with visibility into broken security processes and manages risks before they become breaches. With Data Lifecycle Management your team can eliminate unauthorized access to PII data by encrypting, shredding, redacting or quarantining the unsecured files.

A data breach has catastrophic results for companies and careers — not to mention your valued customers. Spirion slams the door on potential breaches.

Learn about how Spirion can help protect your sensitive data footprint. 

Related Blog Posts

Blog Post
10 Ways You Can Avoid Identity Theft This Tax Season
Blog Post
Do Your DLM and ILM Practices Meet New Data Privacy Laws?
Blog Post
Leveraging Data Inventories for CCPA and GDPR Compliance – Part 3
Blog Post
Sodinokibi – Communication strategies for dealing with Ransomware
Blog Post
Find Data and Gain Visibility as the First Step in Data Security
Blog Post
8 Steps Security Leaders Follow to Classify Sensitive Data