Imagine finding a vulnerability in a system that would let you grant yourself unlimited free points and rewards from just about every customer loyalty program in the world. That's what happened to these researchers.
like those offered by airlines and hotels tout the specific perks of joining their club over others. Under the hood, though, the digital infrastructure for many of these programs—including Delta SkyMiles, United MileagePlus, Hilton Honors, and Marriott Bonvoy—is built on the same platform. The backend comes from the loyalty commerce company But new findings, today by a group of security researchers, show that vulnerabilities in the Points.
“The surprise for me was related to the fact that there is a central entity for loyalty and points systems, which almost every big brand in the world uses,” Shah says. “From this point, it was clear to me that finding flaws in this system would have a cascading effect to every company utilizing their loyalty backend.
Another bug the researchers found was an API configuration issue that could have allowed an attacker to generate an account authorization token for any user with just their last name and rewards number. These two pieces of data could potentially be found through past breaches or could be taken by exploiting the first vulnerability. With this token, attackers could take over customer accounts and transfer miles or other rewards points to themselves, draining the victim's accounts.