So you're all set for your #adventure. Just have to upload a quick pic of your boarding pass, and your suitcase, and maybe your comfortable travel shoes, onto Facebook to make everyone jealous. Except, don't do the boarding pass. Unless you like getting your personal information stolen.
The blog KrebsonSecurity recently published a story on just how much personal info is held in the barcode of your boarding pass. Turns out, it's a lot. One of the blog's readers tested out this site, which allows anyone to grab all that info from an uploaded picture of a barcode. Here's what the reader found out:
“Besides his name, frequent flyer number and other [personally identifiable information], I was able to get his record locator (a.k.a. “record key” for the Lufthansa flight he was taking that day. I then proceeded to Lufthansa’s website and using his last name (which was encoded in the barcode) and the record locator was able to get access to his entire account. Not only could I see this one flight, but I could see ANY future flights that were booked to his frequent flyer number from the Star Alliance.”