Case closed. But data breaches seem never-ending.
A computer expert discovered a vulnerability in one of the systems used by travel distribution company Amadeus, which said it had fixed the issue and that none of the data was misused.
Alp, an Israel-based travel subsidiary, is an online service used by Israeli travel agents and governmental travel agency Inbal to book flights and hotels. It had a database with a weakness that could be pried open to reveal the personal details and email addresses of, allegedly, millions of passengers.
“The configuration flaw, which allowed unauthorized access to information used for a loyalty scheme for travel agencies, and is not related to reservations and ticketing, was discovered by a security researcher,” an Amadeus spokesperson said. “The access was limited to the system in Israel, and we do not believe that data related to other markets was affected.”
News organization Calcalist first reported the breach.
“A detailed analysis of the incident is underway, but there is no evidence to suggest that the data has been accessed by anyone other than the security researcher who reported his findings to the Israeli authorities,” an Amadeus spokesperson said.
This incident was isolated from another one earlier this year.
In January, a flaw in Amadeus’ online booking system used by more than 140 airlines could have allowed attackers to access seat assignments and frequent flier information.
The issue, which is now fixed, was first identified by Israeli security researcher Noam Rotem while he was booking a flight with the Isreali national carrier ELAL, according to reports. Amadeus said it quickly fixed the issue and that no one other than the researcher accessed the data inappropriately.
Hundreds of online security breaches have happened in recent years, according to the Privacy Rights Clearinghouse. No process seems immune to hacking. Recent travel industry incidents included the hacking of Starwood Hotels data and the hacking of data at several hotel groups that relied on a reservation system run by Sabre.
Subscribe to Skift Pro
Subscribe to Skift Pro to get unlimited access to stories like these ($30/month)Subscribe Now
Photo Credit: An image of Tel Aviv's international airport, Ben Gurion. A database of an Israeli travel tech subsidiary of Amadeus exposed the records of many passengers before being fixed. Israel Airports Authority
Israel’s El Al Warns It May Not Survive Without $100 Million State Aid
The carrier's CEO, and others, said the country's aviation sector was "perched above a slippery slope." Israeli authorities won't be able to argue with that.
Ari Rabinovitch, Reuters | 4 days ago
A New List of the Most Valuable Public Travel Companies
Old school travel companies still largely dominate in terms of stock market valuation, but there is no denying the disruption sparked by Airbnb’s debut on the stock market.
Cameron Sperance | 1 week ago
Hopper Partners With Spirit Airlines to Help It Sell More Extras
A significant ancillary play from the Canadian online travel agency, but not quite the leap forward for so-called new distribution capability in the U.S. many would want to see, given Spirit's reach and target flyers.
Matthew Parsons, Skift | 2 weeks ago