Skip to main content
  1. Home
  2. News

Why posting photos of your boarding pass is a terrible idea

By

Ah, travel. Remember travel?

Travel was when we used to go “other places,” in a time when the U.S. wasn’t literally banned from the rest of the world. And often, when preparing to travel, we used to post pictures to social media of our boarding pass to show off to our friends and — more importantly — anonymous internet strangers.

Turns out this is and has always been a terrible idea because the internet is dark and full of hackers. Or in this case, a person in Australia who knows how to access the “inspect element” option on a website’s drop-down menu and used it to hack personal details from the country’s former Prime Minister.

"So you know when you’re flopping about at home, minding your own business, drinking from your water bottle in a way that does not possess any intent to subvert the Commonwealth of Australia?"https://t.co/OCvJKODTTZ

— “Alex” (@mangopdf) September 16, 2020

As chronicled in an extremely hilarious blog post, complete with YMCA background music, Alex Hope, a hacker and blogger based in Australia, detailed his odyssey of kind-of-accidentally-on-purpose discovering the passport and phone numbers of former Australian Prime Minister Tony Abbott.

It all started when Abbott posted a picture on Instagram of his boarding pass in March, in which the booking reference number is clearly visible (the photo has since been removed, because duh).

Turns out, as Hope discovered, you can easily log in to certain airline websites using just this information: A last name and a booking reference. And voilà, Hope got his hands on the rather sensitive information of the major Australian diplomat, including what the airline was saying about Abbott, his phone number, and his diplomatic passport number.

This sent Hope down a wormhole of government email addresses and telephone numbers, trying to inform the powers-that-be that he had rather easily snagged this information and that it was a problem. In the end, Hope said officials corrected the issue.

When reached for comment, Hope confirmed to Digital Trends that he wasn’t a professional white-hat hacker, and the blog was basically just a fun side project, but that he does work in computer security professionally.

“I didn’t have to use any like, actual computer knowledge for this,” he told Digital Trends over Twitter. “But doing this kind of thing for work did get me in the useful habit of recording my screen whenever I’m about to do a crime.”

Making yourself an easy target

While Hope’s story is the latest (and currently, funniest) documentation of how this kind of identity theft works, it’s been a known problem for a while.

Hope’s hack was fairly low-tech (a simple right-click will do it), but there are websites out that that can also fully scan a boarding pass bar code simply through the picture, according to Reader’s Digest.

In 2017 and 2018, both Forbes and the tech blog Null-Byte pointed out that while some bad actors will go so far as to “socially engineer” (aka phish) information out of people, a simple search of #boardingpass on Instagram will yield thousands of potential targets. Even if a bar code or a booking reference aren’t forthcoming, just a frequent flyer number will work. Even Google Images indexes boarding pass pictures.

It doesn’t take much to get people’s personal information and screw up their lives via identity theft. So don’t let vanity — or a compulsive desire for social media validation — will be your downfall. Stop posting pictures of your boarding passes. Or at least obscure the important information if you must show off to your pals.

Topics
Maya Shwayder
Maya Shwayder
Former Digital Trends Contributor
I'm a multimedia journalist currently based in New England. I previously worked for DW News/Deutsche Welle as an anchor and…
These new chips could be good news for Copilot+ PCs
The Qualcomm Snapdragon X Plus

The first Copilot+ laptops are already out, powered by Qualcomm's impressive new Snapdragon X chip. The first batch of reviews were delayed, and early impressions have observed the hits and misses of the current chips. But a new leak tells us that Qualcomm might have another ace up its sleeve, and there may be hope for these Arm-based Copilot+ PCs yet. What's new? There might be more models of the chip than what we've been privy to so far.

So far, we've seen reviews of the Asus Vivobook S 15, but that's just one of several chips that fall under the Snapdragon X Elite umbrella. According to files for the Adreno GPU driver, there may be not just six, but 10 different models of the Snapdragon X -- and three of those are Plus chips, which we've previously only seen one of.

Read more
Hacker claims to have hit Apple days after hacking AMD
The Apple logo is displayed at the Apple Store June 17, 2015 on Fifth Avenue in New York City

Data breaches happen all the time, but when the giants get hit, it's impossible not to wonder what kind of critical data may become exposed. Earlier this week, notorious cybercriminal Intelbroker reported that they managed to hack AMD. Now, they followed up with claims about hacking Apple, and went as far as to share some internal source code on a hacking forum.

As Apple has yet to comment, all we have to go off is the forum post, first shared by HackManac on X (formerly Twitter). In the post, Intelbroker states that Apple suffered a data breach that led to the exposure of the source code for some of its internal tools. The tools include AppleConnect-SSO, Apple-HWE-Confluence-Advanced. There's been no mention of any customer data being leaked, which is good news, but there could still be some impact on Apple if this proves to be true.

Read more
OLED laptops are about to get brighter, thinner, and more expensive
A woman holds a laptop with the LG Tandem OLED logo on it.

LG's new Tandem OLED panel is entering mass production, which is good news for upcoming AI laptops. Today, LG announced that it's the first manufacturer to produce the Tandem OLED panel in a 13-inch variant, and the displays are said to be much thinner and lighter while delivering better performance. The catch? This screen upgrade, which is already available in the latest Dell XPS 13 Copilot+ PC, is going to cost you a pretty penny.

Tandem OLED is a display panel design that has mostly been used in cars up until now, and LG is breaking new ground by producing it for laptops. However, it's not the first time we've seen this design applied to consumer electronics, as Apple's M4 iPad Pros utilize Tandem OLED displays.

Read more