{"id":5824,"date":"2025-08-02T05:04:05","date_gmt":"2025-08-02T05:04:05","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/08\/02\/spying-on-people-through-airportr-luggage-delivery-service-html\/"},"modified":"2025-08-02T05:04:05","modified_gmt":"2025-08-02T05:04:05","slug":"spying-on-people-through-airportr-luggage-delivery-service-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/08\/02\/spying-on-people-through-airportr-luggage-delivery-service-html\/","title":{"rendered":"Spying on People Through Airportr Luggage Delivery Service"},"content":{"rendered":"\n<div>Spying on People Through Airportr Luggage Delivery Service<\/div>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>Airportr is a service that allows passengers to have their luggage picked up, checked, and  delivered to their destinations. As you might expect, it\u2019s used by wealthy or important people. So if the company\u2019s website is <a href=\"https:\/\/www.wired.com\/story\/luggage-service-web-bugs-exposed-travel-plans-users-diplomats-airportr\/\">insecure<\/a>, you\u2019d be able to spy on lots of wealthy or important people. And maybe even steal their luggage.<\/p>\n<blockquote>\n<p>Researchers at the firm CyberX9 found that simple bugs in Airportr\u2019s website allowed them to access virtually all of those users\u2019 personal information, including travel plans, or even gain administrator privileges that would have allowed a hacker to redirect or steal luggage in transit. Among even the small sample of user data that the researchers reviewed and shared with WIRED they found what appear to be the personal information and travel records of multiple government officials and diplomats from the UK, Switzerland, and the US.<\/p>\n<p>\u201cAnyone would have been able to gain or might have gained absolute super-admin access to all the operations and data of this company,\u201d says Himanshu Pathak, CyberX9\u2019s founder and CEO. \u201cThe vulnerabilities resulted in complete confidential private information exposure of all airline customers in all countries who used the service of this company, including full control over all the bookings and baggage. Because once you are the super-admin of their most sensitive systems, you have have [sic] the ability to do anything.\u201d<\/p>\n<\/blockquote>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Bruce Schneier<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/www.schneier.com\/blog\/archives\/2025\/08\/spying-on-people-through-airportr-luggage-delivery-service.html\">Go to bruce schneier<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Spying on People Through Airportr Luggage Delivery Service Airportr is a service that allows passengers to have their luggage picked up, checked, and delivered to their destinations. As you might expect, it\u2019s used by wealthy or important people. So if the company\u2019s website is insecure, you\u2019d be able to spy on lots of wealthy or [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1432,57,97,1,416],"tags":[87],"class_list":["post-5824","post","type-post","status-publish","format-standard","hentry","category-air-travel","category-bruce-schneier","category-hacking","category-uncategorized","category-vulnerabilities","tag-bruce-schneier"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/5824"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=5824"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/5824\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=5824"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=5824"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=5824"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}