Contact Contact Us

Online Booking System Flaw Affects 141 Airlines

The Amadeus ticket booking system contains a vulnerability that allows anyone to access and change private information on flight bookings. The ticketing system is used by 141 international airlines, which represents about 44% of the global online reservation market. The booking system exposes the Passenger Name Record (PNR), which provides access to the passengers' names and associated flight details. Using the PNR code, a user can login to the customer portal to change or cancel flight reservation, claim frequent flyer miles, assign seats and meals, and update customer's email and phone number. Amadeus has since rectified the flaw in its online reservation system after being notified.

[1] Major Security Breach Discovered Affecting Nearly Half of All Airline Travelers Worldwide

Ensign InfoSecurity Singapore
30A Kallang Place
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883