Latvia’s flag carrier, airBaltic, has admitted that a technical glitch led to the exposure of reservation details for some passengers to other airBaltic customers. Several passengers reported receiving unexpected emails addressing them as other customers, highlighting the accidental data breach.
Although the airline assures that the leak affects only a small percentage of customers and does not include financial information, the total number of impacted passengers has not been disclosed.
The incident involved the unintentional exposure of passenger bookings, with emails being sent to the wrong recipients. Security researcher Erik Wynter shared one such email, revealing that the exposed information potentially includes passengers’ full names, birth dates, and email addresses.
An airBaltic spokesperson confirmed that the issue resulted from an internal technical problem and not from a cyberattack or external interference.
While the percentage of affected passengers may seem small, considering airBaltic’s significant annual passenger volume, the breach could have impacted hundreds of travelers.
Concerns were raised over the exposure of sensitive booking details, such as the PNR/reservation number, which could potentially be misused. The airline has offered affected customers the option to request a new booking number for enhanced security.
AirBaltic emphasizes its commitment to protecting personal data and is conducting a thorough investigation into the incident. The airline intends to contact all affected passengers promptly. Passengers impacted by the data breach are advised to reach out to airBaltic to request a new booking number.
The carrier apologizes for any inconvenience caused and assures unaffected passengers that their personal information remains secure.
