One of the best airlines in the world revealed the horrible news: every customer who…
As a result, an attacker can easily intercept passengers’ identification number, his name, email address and other data.
Researchers say about 2.5 million connections that were recorded in the affected domains of British Airways over the past six months.
“In order to simplify the user experience, passenger data is included in the URL as parameters. Such a link leads the client directly from a letter to the British Airways website, where the authentication process takes place automatically. The very details included in the URL are the identification number and last name. This data is not encrypted in any way and may be available to any interested person”, – said the report of the experts.
This means that an attacker who is on the same Wi-Fi network as a victim can easily intercept the link and gain access to passengers’ registration data.
The situation is aggravated by the extremely weak level of security in some Wi-Fi networks at airports.
Read also: British Airways will pay a record penalty for data leakage within the GDPR
Recall that in early July, the Office of the Commissioner for Information of the United Kingdom fined for non-compliance with GDPR the country’s largest airline and national air carrier – British Airways. The fine was a record as consisted £ 183 million.
The reason for such a serious penalty lies in the fact that the company could not protect the personal data of customers. British Airways suffered in September last year from this leak.
Colidunt.xyz is a domain that tries to trick you into clik to its browser notifications…
Myflisblog.com is a site that tries to trick you into subscribing to its browser notifications…
Dofenpas.xyz is a domain that tries to trick you into subscribing to its browser notifications…
Bifotend.xyz is a site that tries to trick you into subscribing to its browser notifications…
Likudservices.com is a domain that tries to trick you into clik to its browser notifications…
Codebenmike.live is a site that tries to trick you into subscribing to its browser notifications…