MY BRAND BOOK 141 Airlines Booking System Goes Awry Worldwide

141 Airlines Booking System Goes Awry Worldwide

By MYBRANDBOOK

There is a critical vulnerability found in online flight booking system, with this almost half of the fight travellers around the world were found exposed to a critical security vulnerability, that allowed remote hackers to access and modify their travel details and even claim their frequent flyer miles.

A Israeli network security researcher Noam Rotem discovered the vulnerability when he booked a flight on the Israeli airline ELAL, successful exploitation of which just required victim’s PNR (Passenger Name Record) number.

Hackers are really smart enough to enter into the flight booking system, which is developed by Amadeus, which is widely used by nearly 141 international airlines, including United Airlines, Lufthansa and Air Canada. After booking a flight with ELAL, the traveler receives a PNR number and a unique link that allows customers to check their booking status and related information associated with that PNR.

Rotem found that merely by changing the value of the "RULE_SOURCE_1_ID" parameter on that link to someone else's PNR number would display personal and booking-related information from the account associated with that customer.

Using disclosed information, i.e. booking ID and last name of the customer, an attacker can simply access the victim's account on ELAL's customer portal and "make changes, claim frequent flyer miles to a personal account, assign seats and meals, and update the customer's email and phone number, which could then be used to cancel/change flight reservation via customer service. "The report says, the vulnerability could have affected hundreds of millions of travelers.

Amadeus has able to fix the issue, and the Rotem's script can no longer identify active PNRs as demonstrated in the above video.

In a statement Amadeus says , "At Amadeus, we give security the highest priority and are constantly monitoring and updating our systems. Our technical teams took immediate action, and we can now confirm that the issue is solved."

BREAKING NEWS

Cisco announces AI-native secure Wi-Fi 7 for future-ready employe...

Announcing a major leap in wireless technology, Cisco has launched its Wi...

The BSE benchmark Sensex tumbled over 800 points, leaving investo...

The BSE benchmark Sensex recently experienced a significant drop, tumblin...

North Korean GPS Interference Disrupts Air Traffic...

South Korea's military has publicly accused North Korea of disrupting GP...

US ordered TSMC to halt chip shipments to China...

TSMC has had regular discussions with the government on export control issu...

TECHNO TRENDS

Nazara and ONDC set to transform in-game monetization with ‘

Nazara Technologies has teamed up with the Open Network for Digital Comme...

Jio Platforms and NICSI to offer cloud services to government

In a collaborative initiative, the National Informatics Centre Services In...

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...

Pinterest tracks users without consent, alleges complaint

A recent complaint alleges that Pinterest, the popular image-sharing platf...

E-Magazine

TECHNOTAINMENT

Eloelo teams up with Elvish Yadav for India's biggest digital

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix has introduced a new “Moments” feature on its mobile app, whic

Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez has partnered with American YouTuber Mr. Beast to b

MOVERS & SHAKERS

Kamal Nath quits SIFY Technologies

Visa elevates Rishi Chhabra as new Country Manager for India

Rishi holds a Master’s in Industrial Engineering from The Ohio State Univ

Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys continues to deepen its investment in the APAC region. Earlier this

OPEN YOUR EYES

Technology has made organizations more dependent by using facial recognition

Rising Uncertainty On The Start-ups At The Verge Of Collapse

Artificial Intelligence and Cyber-security are key pillars of Digitization

Digitalization and cyberattacks go hand in hand

DIGITAL: THE NEXT REVOLUTION

INTERVIEWS

Delivering Critical Business Communication Solutions to Enterp

Bolstering its commitment to help build a truly self-reliant B

CP PLUS is dedicated to spreading a sense of security to every corner of In

Alcatel-Lucent Enterprise Carrying a 100 year legacy ahead

A good amount of R&D works and global support services are operated out of

HOT PICK

BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall announced today the launch of the TZ80, a groundbreaking securit

Gigabyte X3D Turbo: A Gaming Revolution

GIGABYTE X3D Turbo Mode is a cutting-edge feature that unifies cores distr

MAKE IN INDIA BRANDS

BHARAT ELECTRONICS LTD.

DATA SAFEGUARD INDIA PRIVATE LIMITED

FRESHWORKS TECHNOLOGIES PVT. LTD.

DIGISOL SYSTEMS LTD.

EMINENT CIO'S OF INDIA

GAINING CUSTOMERS’ TRUST IS ESSENTIAL FOR SMOOTH OMNICHANNEL INTERACTIONS

In the fiscal year 2024-25, our organization has i...

PRIORITIZING APPROPRIATE DATA MANAGEMENT AND ETHICAL AI IS THE NEED OF THE HOUR

For us, cultivating customer trust amidst for that...

USING AI & BI OFFERINGS TO ADDRESS CLIENT NEEDS

In the fiscal year 2024-25, Assisto Technologies h...

ICONS OF INDIA

SHAKTIKANTA DAS

Shaktikanta Das is serving as the current & 25th governor of the Reser...

Icons Of India : MUKESH D. AMBANI

Mukesh Dhirubhai Ambani is an Indian businessman and the chairman and ...

Icons Of India : Deepak Sharma

Deepak Sharma spearheads Schneider Electric India. He brings with him ...

PARTNER SPEAKERS

Unwavering Commitment & Communication helping to thrive in the evolving digital landscape

We leverage a comprehensive market intelligence framework and an advanced CRM ...

Ensuring Mutual Success By Aligning Partner's Needs

The IT industry is one of the most dynamic industries. Here, not only does the...

Revolutionizing surveillance industry with innovative range of accessories

Adoption of digital technology is essential for real growth and without this s...

PSU

BEL - Bharat Electronics Limited

BEL is an Indian Government-owned aerospace and defence electronics co...

STPI - Software Technology Parks of India

STPI promotes and facilitates the growth of the IT and ITES industry i...

CSC - Common Service Centres

CSC initiative in India is a strategic cornerstone of the Digital Indi...

VIDEOS

Top 25 Brands

Most Trusted Brands 2024: DELL TECHNOLOGIES INC.

Dell Technologies has been at the forefront of developing edge computing solut...

Most Trusted Brands 2024 : Oracle Corporation

Oracle focuses on secure enterprise software, and cloud solutions to build str...

Most Trusted Brands 2024: MICROSOFT CORPORATION

Microsoft Corporation has been at the forefront of technological innovation fo...

Global Indian industry

Indian Tech Talent Excelling The Tech World - Rajiv Ramaswami, President & CEO, Nutanix Technologies

Rajiv Ramaswami, President and CEO of Nutanix, brings over 30 years of...

Indian Tech Talent Excelling The Tech World - Soni Jiandani, Co-Founder- Pensando Systems

Soni Jiandani, Co-Founder of Pensando Systems, is a tech visionary ren...

Indian Tech Talent Excelling The Tech World - Aman Bhutani, CEO, GoDaddy

Aman Bhutani, the self-taught techie and CEO of GoDaddy, oversees a co...

STARNITE AWARDS 2024

ITFORUM 2024

CMO of the Year

WOMEN LEADERSHIP

IMAGE GALLERY

TRENDS IN TECHNOLOGY