In association with heise online

01 February 2011, 16:43

Report: Ryanair's booking system is insecure - Update

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Economy airline Ryanair's online booking system allows for flight amendments and the addition of extra services for their associated fees. According to a report by Berlin newspaper Der Tagesspiegel (German language link), it's easy for an outsider to gain access to the system using just a reservation number or email address along with the flight date as well as the departure and destination airports. This data can be found out quite easily, for example by asking people about their holiday plans via Facebook. It's therefore relatively easy for anyone to maliciously manipulate Ryanair bookings.

Update: While other airlines require either a password or a unique booking number to access their booking systems, Ryanair's spokesman Daniel de Carvalho apparently considers this as dispensible. In a statement to Der Tagesspiegel he waved off concerns issued by experts consulted by Der Tagesspiegel. In direct communication with The H in response to the original wording of this last paragraph of our report, Ryanair's PR forwarded the full statement in English: "Your ‘experts’ are talking complete rubbish. If someone’s lunatic ex-partner wants to access a flight booking and pay for priority boarding or extra baggage for the person they just split up from then they all have a lot more to worry about than a simple amended flight booking. It is everyone’s individual responsibility to keep their personal information personal."

See also:

(trk)

Print Version | Send by email | Permalink: http://h-online.com/-1181896
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit