ARTICLE | August 14, 2019

BA Under Fire For Leaking Passenger Info in Links

InfoSecurity Magazine – British Airways has come under fire from the security community again, this time after a vulnerability in its e-ticketing system was found to be exposing passenger’s personal information (PII). Security firm Wandera claimed in a blog post yesterday that the airline was sending out unencrypted check-in links to customers which contained booking reference and surname in the URL itself.

©2025 IOActive Inc. All Rights Reserved. This website, including all material, images, and data contained herein, are protected by copyright. All rights are reserved. Content may not be used, copied, reproduced, transmitted, or otherwise exploited in any manner, including without limitation, to train generative artificial intelligence (AI) technologies, without IOActive’s prior written consent. Without limiting IOActive’s exclusive rights under copyright laws, IOActive reserves all rights to license uses of this work for generative AI training and development of machine learning language models.