New York, NY—Avatar New York, an award winning New York web design agency, details how Delta Airlines’ poor website security caused the data breach that allowed passengers to see information on other boarding passes.
A recent flaw in the design of the Delta Airlines website made it possible for passengers to view private information on other boarding passes by making a small change in the URL. Dani Grant, a security researcher, admitted that she was able to view boarding passes from passengers on other Delta flights, and some non-Delta flights, simply by changing some of the characters within the URL. She revealed she was even able to swap her boarding pass for one belonging to another passenger and switch their seat.
Todd Johnson, managing director of Avatar New York, a leading New York web design company, says though the problem has since been corrected, it represents a larger problem in web development. “Data breaches like this are entirely preventable,” he says. “Web developers must make security a priority, especially when the site is handling personal information, such as credit card numbers, names, addresses, and itineraries. This means creating a unique and intelligent identification scheme to thwart hackers.”
For a big brand like Delta, the situation could have been far more disastrous, Johnson explains. “Hackers and criminals prey on websites with security weaknesses,” he says. “Playing around with URLs is a common way for hackers to access other pages and private information. Identifiers in URLs must change to form unique web pages each time. This is something developers should test on a regular basis to ensure the site is completely secure.”
Avatar New York is an innovating, award winning New York web design firm dedicated to providing clients with responsive websites that help grow brands and convert visitors to customers. With an expertise in web development, branding, cloud hosting, mobile app development, and CMS and e-commerce solutions, Avatar New York’s top tier designers have the ability to create intelligent websites for any type of business.