The black bar and QR codes displayed on a boarding pass actually contains passenger’s personal information that lead as a gateway for hackers to steal information such as flight records, frequent flier account, your flight partner info and others.
The issue was raised and revealed by an avid reader of KrebsOnSecurity named Cory to Brian Krebs (an American cybercriminals jounalist and reporter) after decoded a boarding pass in an online barcode readers of his friend’s that was uploaded on Facebook. Simply by doing screen captures the boarding pass and uploaded it to the barcode readers website, the bar and QR codes disclosed all the personal data and trip information of his friend.
By access to his friend’s frequent flier account, all the flight records made on that day and future flight that tied to his frequent flyer number from the Star Alliance, could be easily tracked on Lufthansa’s website.
Not only disclosed about flight records, by consider this can be done with some skills of basic social hacking and guessing to the security questions, the user’s PIN number of Star Alliance frequent flyer account can be reset by attacker and take control of it.
Preventions is better than cure. What you can do to prevent becoming a victim of hackers to your flight information? Our suggestion is don’t forget to delete old boarding pass on your smart phone. Keep the flight ticket with you and don’t forget to burn it once arriving in a country. And never upload your boarding pass on Facebook! That is what people crazy to do with their Facebook!
Don’t you think so…..?
