A security flaw in United Airlines’ website may have exposed ticket information for customers who requested a refund, according to a new report from TechCrunch.

The bug caused the website to not validate a user’s last name when checking their refund status. That made it possible to access other travelers’ refund information simply by changing the ticket number, TechCrunch reported.

Like many airlines, United’s website allows users to check their refund status by entering their ticket number and last name. It was not immediately clear whether another user’s information could be viewed without knowing their full ticket number.

IT security expert Oliver Linow discovered the bug and told TechCrunch that the security hole allowed him to see traveler names, payment type, currency used, and the refund amount. It was not clear whether any more sensitive information was visible.

Linow said that he reported the bug to United in July, and

Read More

When training camp rolls around, the major box-office draw for fans is seeing how the Denver Broncos’ top draft picks are shaping up. So far so good on that front as both first- and second-round wideouts Jerry Jeudy and KJ Hamler have been turning heads while third-round center Lloyd Cushenberry III has earned the opportunity to split first-team reps.

Head coach Vic Fangio hasn’t been afraid to throw his top rookies straight into the rigors of camp to get a feel for how they handle the pressure and how they perform. The veteran coach is similarly aware that complete NFL rosters are filled out by mid-to-low-round draft picks who can contribute if given the opportunity.

One such prospect is Justin Strnad, whom the Broncos grabbed in the fifth round of the 2020 draft. Fangio likes what he’s seen from the 23-year-old Wake Forest stand-out and is challenging him to respond

Read More