Kirsten Doyle reports that international airline Emirates is denying claims by a researcher claiming that they are leaking customers’ sensitive data. The alleged leak
was discovered by Konark Modi, a data security engineer for Cliqz, who explained in post last Friday, how he was booking tickets for his family through the Emirates Web site when he noticed a few things that raised red flags. He said when booking a flight through Emirates, domestic or international, there are approximately 300 data points related to the booking.
And then the researcher fired back, claiming that their statement was inaccurate.
This probably would have been better handled out of the public eye via responsible disclosure, but it appears that although the researcher tried that route, the airline did not respond appropriately.
In any event, the controversy makes for interesting reading. Read more on ITWeb, and keep in mind that the problems described are not specific or limited to this one airline.