Keli Rabon reports:
Anna Culina just wanted to check her miles on United Airline’s mobile website, but instead, she ended up with a whole lot more.
“I was navigating around activity and statements, and each time I navigated around to a different area, I pulled up someone else’s information,” Culina said.
Culina found the personal information of 20 United Airlines customers she’d never even met. Their names, Mileage Plus numbers, future flight itineraries with confirmation codes, and previous trips were all at her fingertips.
“I contacted United and they told me maybe someone had logged onto my phone and not logged off properly. But nobody has used my phone, let alone 20 different people I didn’t know,” Culina said.
[…]
A United Airlines spokesperson said they’re looking into the specific issue and expect to resolve it quickly, but that Culina “didn’t have access to sensitive personal information.”
Culina says by using the confirmation code and traveler’s last name, she could have changed the passenger’s seating assignments or even canceled a flight.
Read more on KVUE.