Why You Should Never Post a Picture of Your Boarding Pass on Social Media
Even first-time filers know that an airline boarding pass contains certain information about a traveler. A passenger’s name, flight number, and seat assignment are all printed in plain sight. But did you know these tickets, whether a paper print out or an electronic version, contain more personal information than meets the eye?Get more news about boarding pass manufacturers,you can vist our website!
Specifically, the barcode on a boarding pass can pull up data like a frequent flier number, contact information, or other identification details. The information contained is “going to vary barcode by barcode, airline by airline,” says privacy researcher Bill Fitzgerald. But one rule of thumb is to always assume the scannable code “has information about you and your stuff and where you’re going,” he says.
Travelers should also assume that the barcodes contain driver's license and passport details, as fliers must provide these to the airline or at the airport, according to Fitzgerald. As such, the paper versions of the travel document should be disposed of with care. “If you have a barcode on something, you should not be throwing that into the trash unless you want somebody to get it,” says Fitzgerald. “And you should definitely never be posting it on social media.”
These might seem like standard data protection guidelines to follow, but even the most savvy travelers have tripped up when it comes to boarding pass protection. In March 2020, former Australian Prime Minister Tony Abbott posted an Instagram photo of his boarding pass for a Qantas flight. “Using only this image an attacker was able to gain access to the prime minister's personal details including his phone number and passport [number],” says Mark Scrano, an information security manager at cybersecurity firm Cobalt. Although that hacker didn't use Abbott's data for malicious purposes, instead spending months trying to contact Abbott's team to warn of a potential security breach, others might not be so altruistic.
Most attackers could use that data—which at first glance might seem minor or obscure on its own—to continue “leveraging your personal details to launch other online attacks against your digital accounts and persona,” Scrano says. “Many airlines use only the data on the boarding pass, specifically the confirmation code and last name to allow full access to your online account. These can be abused to access your personal data that is stored by the airline.”
By | buzai232 |
Added | Jan 6 '23, 11:29PM |
The Wall