Airline boarding passes display a lot more information than just your flight and seat number, according to a security researcher who recommends shredding old ones—and he says posting photos of boarding passes online is a bad idea.
At KrebsOnSecurity, Brian Krebs warns that the barcodes printed on boarding passes can give hackers the key to finding out information about a flyer's personal details, itinerary, and frequent-flyer accounts.
Krebs recounts the story of a curious reader who saw a photo of a friend's boarding pass on Facebook and was surprised by how much he found out by putting the barcode image into an online decoder.
The information from the code was enough to access the passenger's frequent-flyer account, which would have allowed a hacker to do things like change seats or cancel flights, as well as learn enough to break into other accounts, writes Krebs, who notes that United Airlines seems to "treat its customers' frequent flyer numbers as secret access codes." The security hole probably won't be much of a problem for most people as long as they don't leave their boarding passes lying around, writes Jamie Condliffe at Gizmodo, but it should be a "reminder to be careful about what you post online." (This security researcher found enough bugs to earn 1 million free air miles.)
This article originally appeared on Newser: Security Expert: Boarding Passes Reveal Way Too Much
More From Newser