Travel Information Leaked at Thomas Cook Airlines
July 11, 2018 / Kacy Zurkus
A bug finder recently discovered that Thomas Cook Airlines had a security vulnerability for years, making it possible for hackers to systematically download hundreds of thousands of passenger flight details and personal data going back as far as 2013. The issue, rated a medium to high severity level, leaked personal and travel information but is reportedly now fixed, according to a 9 July blog post by Roy Solberg. After booking his vacation, Solberg reportedly received an email from Thomas Cook Airlines with a suspicious link to airshoppen.com. “I never downloaded a lot of data as I don’t want anyone to question my motives, but I do like to get an idea of the scope of the data leak, so I did a few tests to see if I could see how many bookings this was affecting,” Solberg wrote. In his tests, Solberg found Ving bookings from as far back as 2013, with the most recent one from 2019.