United Flight Attendant Accidentally Leaked Door Codes Online: Report

Under fire carrier United Airlines has witnessed first-hand the perils of over-sharing online after a flight attendant reportedly posted cockpit door access codes accidentally.

United Continental Holdings was forced to send out a company-wide alert following the incident, a pilot briefed on the matter told the Wall Street Journal.

That brief apparently included instructions to follow the additional security procedures which help to minimize the risk of unauthorized access to the flight deck.

These include visual confirmation of the person requesting access.

A United statement issued over the weekend had the following:

"The safety of our customers and crew is our top priority and United utilizes a number of measures to keep our flight decks secure beyond door access information. In the interim this protocol ensures our cockpits remain secure. We are working to resolve this issue as soon as possible."

The incident once again highlights to organizations the security risks posed by insiders; in this instance an employee accidentally breaking strict rules governing highly sensitive corporate information.

It also shows the potential real-world impact of digital over-sharing by employees.

Cockpit access security was strengthened following the 9-11 attacks to include reinforced doors, CCTV cameras and strict controls on who is allowed in and out.

However, some of these rules had to be rewritten after a fatal Germanwings crash in 2015 in which the co-pilot locked the captain out of the cockpit before flying the aircraft into the French Alps.

Industry union the Air Line Pilots Association is said to have confirmed that the issue has now been resolved, which presumably involved resetting the cockpit door codes on all aircraft.

This is the second bit of bad news to hit United in recent weeks, after the airline was widely berated when video footage emerged of police forcibly removing a legitimate passenger who refused to leave after overbooking.

What’s Hot on Infosecurity Magazine?