Airlines are exposed to leaked passenger information

Abstract: Reporter investigation found that these travelers personal information through the black industry chain, and finally become a realistic return to sign fraud message. The Spring Festival is near, the biggest loophole release platform Cloud Network disclosed a number of airline passengers personal information leakage loopholes, including

Reporter investigation found that these travelers personal information through the black industry chain, and finally become a realistic return to sign fraud message.

The Spring Festival is near, the biggest loophole release platform Cloud Network disclosed a number of airline passengers personal information leakage loopholes, including Xiamen Airlines, Shanghai Airlines and value machine commonly used software navigation and so on.

Reporter 30th in black Cloud online See, only January 29 one day, there are 5 loopholes involving airlines have been confirmed by the company, the content of the carrier system, the fall, tens of thousands of ticket information can be viewed; Civil aviation entry-Exit API system logic flaws, leading to exit-entry real-time data leakage , the airline internal employee mailbox account and the password leaks, may log in the company internal mail system.

East Airlines prepaid card system falls

January 29, black clouds "white hat" (a positive hacker, can identify the computer system or network security vulnerabilities, but not malicious to use, but the disclosure of its loopholes) "passerby a" disclosed the "Oriental Air Prepaid card System" loophole. The report said that the vulnerability could lead to customer information and prepaid card account leakage, prepaid card 6-digit code can be blasting (decoding), passenger name, ID number, mobile phone number may be leaked.

Cloud network data show that the current East Airlines has confirmed the loophole. Meng Zhuo, one of the founders of cloud nets, told reporters that the details of the loophole had not yet entered into the public process, in a confidential phase. But the flaw could lead to the theft of money in pre-paid cards.

Not only the east airlines, the reporter saw, in the cloud announced by the company has been confirmed by the system loopholes, the recent involvement of the aviation industry accounted for a considerable proportion, including Xiamen Airlines, Shanghai Airlines and value machine commonly used software navigation and so on.

Xiamen Aviation old system

Cloud Vulnerability report pointed out that Xiamen Aviation business Management system fall, can check any passenger ticket information, modify any agent password, add agents.

Xiamen Airlines confirmed the vulnerability, said the system for the old system, has been deactivated for a long time, the recent internal reasons to reopen the test, which did not store passenger information, will be closed in the near future. "The impact of this loophole should not be exaggerated. "Xiamen Airlines said," Inside the passenger information is the information of other airlines, I have been in the Division for 2 years without the system. ”

East Airlines said 30th that the prepaid card system is free of loopholes, black clouds of "white hat" engineers to take a violent attack to enter the system. "If you take the form of a violent attack, there is no system that is absolutely safe." East Airlines said that at present, China Eastern Airlines has taken security strengthening measures to strengthen the system, the user account is now safe.

Remind

The airline is 95 the beginning of the cornet scam phone is mostly 400 opening

Approaching the Spring Festival, citizens should beware of "ticket back to sign fraud" comeback.

It is understood that the current domestic Airlines official customer service phone and SMS number Unified 95 beginning of the cornet, and most of the fraud phone is 400 or 00 beginning of the network phone.

Hainan Airlines customer service told reporters that Hainan Airlines for the delay, cancellation of flights will be through text messages and telephone to inform passengers, the official number of reunification is 95, "do not believe that the Internet or the 400 call in the message."

In addition, consumers can load flight information app in smartphones, keep abreast of flight dynamics and avoid being cheated.

Case

"Flight cancellation" scam is frequent

Recently, Anhui Hefei Kanbao bought tickets ready to go to the field, just before departure, she suddenly received a "flight cancellation" message, the next encounter let her unexpected.

This message told Ms. Kanbao, due to flight failure, need to refund or change, as compensation, each passenger can get 200 yuan of flight delay fee. Because the message name, flight, departure time and other information are consistent, Kanbao believe that, she called the 400 phone message.

After dialing the phone, Ms. Kanbao, according to voice prompts, connected to the artificial customer service. Artificial customer service told Kanbao Miss Ticket is left a few, if the change of the words have delay fee, will return 200 yuan, need the bank to provide code. Because anxious change to sign a ticket, Kanbao also didn't think, hurriedly went to a nearby ATM machine.

Then the phone calls for new requirements. The liar first asked the balance of Ms. Kanbao's bank card, then made up a so-called "trading code", so that Ms. Kanbao did not expect is to enter this code 6053, is actually a transfer of 6053 yuan. Until she understood it, it was too late. Ms. Kanbao then hastened to report to the police, and the case is now being processed.

According to the reporter understand, Ms. Kanbao's encounter is not an individual phenomenon, in August 2014, a woman in Guangzhou was deceived by the same trap was 960,000.

Secret

Personal key information black market sold 20 yuan per article

Where does this precise scam come from?

According to cloud network monitoring, "flight cancellation" a kind of fraud means in fact has occurred two or three years ago, although they also issued an early warning, but the effect is not ideal.

Black Cloud Network of a senior "white hat" told reporters, in order to find out how the leaked passenger personal information how to become a realistic return to sign fraud message, he specializes in posing as a buyer to buy information, from the black production data traffickers see the passenger information is the focus of the transaction.

Reporter saw, this is called "FEI" data traffickers are trading through QQ, its QQ signature impressively wrote "Every 10 o'clock in the morning on time out of the material, the amount of advance booking, afternoon material 5 points out, evening material 9 points out." ”

"White hat" to reporters show the transaction data shows that the name of the passenger, airlines, flight information, Take-off and landing time, ID number, mobile phone number, ticket information everything. And the price of such information is actually as high as 20 yuan.

"These data are not flight information, so only to do the black industry chain value." The impression that the data trade is common in a few cents, a few cents, a few pieces, such as high prices are indeed surprising. "The Above" white hat "told reporters, contact a number of data traffickers, most people give the price of each of the 20 yuan, 23 yuan, 25 yuan a piece of it. Every day, 600-800 of these new data are sold. "Can be seen, ticket fraud has much profiteering." "he said.

Interpretation

Information disclosure can be caused by multiple links

Meng Zhuo said that at present the airline's source of information leaked mainly from two major aspects, one is the system design loopholes, the second is the internal personnel safety and management awareness is not enough, these system loopholes may lead to passenger travel/flight information leakage. But information leakage is not only caused by airlines, AVIC System, air ticket agents, can buy tickets to travel sites may be caused by loopholes in the passenger key information stolen.

Network security expert Zhao Occupation thinks, airline, ticket generation, Internet ticketing platform all have the passenger personal information, the information leaks the reason possibly is has the inside ghost to steal the data, also possibly is the system to be attacked by the hacker.

The white hat also agrees with the view that "the information from the data traffickers is more like a professional agent system, a ticketing platform." Therefore, it is important to pay attention to safety management. ”

Zhao Occupy told the reporter, personal data leakage is difficult to eliminate, on the one hand involves more links, not to find out where the problem. On the other hand, the illegal cost is low, rights protection is difficult. If the civil way, do not know who to sue, if the criminal way, unless you can find the ghost or hacker, otherwise can not file.