Mar 082018
 

Kirsten Doyle reports that international airline Emirates is denying claims by a researcher claiming that they are leaking customers’ sensitive data. The alleged leak

 was discovered by Konark Modi, a data engineer for Cliqz, who explained in post last Friday, how he was booking tickets for his family through the Emirates Web site when he noticed a few things that raised red flags. He said when booking a flight through Emirates, domestic or international, there are approximately 300 data points related to the booking.

Doyle reports that the airline issued a response claiming that the researcher’s claims are inaccurate, in significant part.
And then the researcher fired back, claiming that their statement was inaccurate.
This probably would have been better handled out of the public eye via responsible disclosure, but it appears that although the researcher tried that route,  the airline did not respond appropriately.
In any event, the controversy makes for interesting reading. Read more on ITWeb, and keep in mind that the problems described are not specific or limited to this one airline.

Sorry, the comment form is closed at this time.