January 26, 2019 at 06:00AM by CWC
In the digital age, one of the most exciting parts of traveling is being able to share all the highlights of your trip on social media, whether that’s swimming with cute pigs in the Bahamas or visiting some of the most stunning national parks in the country. And what do these trips usually start with? A quick Instagram post featuring your enviable #boardingpass. The only issue is that seemingly innocent shot could put you into a world of trouble.
According to Popular Mechanics, Noam Rotem, an Israel-based security researcher, uncovered a major problem with showcasing those pieces of paper online. You know the six-digit codes printed on both boarding passes and luggage tickets? Well, it’s called a passenger name record (PNR)—and he found hackers who obtain them can possibly retrieve personal data from travelers. “Just by guessing PNRs, I was able to access personal data and change contact details of customers,” he said. Not cool.
That’s not all you can do with a PNR, though. If someone gets access, they can steal your flights and frequent flier miles, change your seats—basically everything. And those barcodes on your tickets are a problem, too. If someone has a barcode-scanning app, they can snag private information about you as well. Even though Rotem was able to hack into one online booking platform in particular, it’s a big issue across the board: The technology airlines use to get you from point A to point B is still pretty archaic in general and not at all as secure as it should be in 2019.
Basically, until there’s more secure technology protecting passengers’ information, it’s not the best idea to showcase your boarding pass online. Instead, throw up some pictures of those millennial pink sandy beaches and palm trees. That’s what your friends really want to see anyway.