The holidays are a hectic time for airlines and airports, as they try to deal with the large influx of people visiting loved ones. The last thing anyone wants happening is some sort of security glitch that will ruin their holiday, and that’s precisely what happened with Delta Airlines’ nasty little glitch that lets you access someone else’s boarding pass.
Discovered by BuzzFeed ad product intern and the founder of Hackers of NY Dani Grant, the glitch presents you with someone else’s boarding pass when you change the URL of your boarding pass. What’s worse is that even if the person is on a different airline, the glitch still affects them equally. With the boarding pass, not only can you check in on them, but you can also change their seat.
Grant alerted Delta to the flaw, but the airline gave a rather unsatisfying response:
While the easiest counter to such a flaw is for airports to conduct thorough identity checks, there’s no guarantee that every airport will do such a thing, especially when dealing with the large number of people flying out for the holidays. In addition, such a solution would put the onus solely on the airports when it was Delta’s security flaw to begin with. Hopefully, the airline can remedy the glitch before it has irate customers on its hands.