A United Airlines flight attendant has inadvertently leaked access codes for the company’s airplanes’ cockpit doors, a safety alert email to United employees has revealed. According to the WSJ, the information was mistakenly posted on a public website.
Cockpit doors did not use to be locked in this manner prior to the 9/11 hijackings, but they are now both fortified and secured.
Entering an access code from outside the cockpit does not automatically open the door, but alerts the pilots that they should open the door from the inside by punching in another security code.
It’s not that these codes are never changed – they are, periodically. But this information is not meant to be public knowledge, and until these codes are changed again, there’s a bigger danger of someone who is not unauthorised accessing United planes’ cockpits.
United has notified the Federal Aviation Administration (FAA) of the incident, and has noted that the leak was not the result of a hack or a data breach.
“The emailed alert reminded employees that ‘the risk of a breach of the flight deck door is strongly mitigated by carefully following the flight deck security procedures,’ adding, ‘remember this information is sensitive security information and sharing this with anyone not authorized or who does not have a need to know is strictly prohibited’,” CBS News reported.
It is unclear if the “sensitive security information” in this sentence are the security codes or the email alert.
The compromised codes will likely have to be changed manually, by authorised United personnel. In the meantime, United has reassured that the company also uses a number of other measures to keep their flight decks secure.