Access codes for United cockpit doors accidentally posted online
United Continental Holdings alerted pilots that access codes to cockpit doors were accidentally posted on a public website by a flight attendant, reports the Wall Street Journal. The company, which owns United Airlines and United Express, asked pilots to follow security procedures already in use, including visually confirming someone’s identity before they are allowed onto the flight deck even if they enter the correct security code into the cockpit door’s keypad.
The Air Line Pilots Association, a union that represents 55,000 pilots in the U.S. and Canada, told the WSJ on Sunday that the problem had been fixed.
The notable thing about this security breach is that it was caused by human error, not a hack, and illustrates how vulnerable cockpits are to intruders despite existing safety procedures. The Air Line Pilots Association has advocated for secondary barriers made from mesh or steel cables to be installed on cockpits doors to make it harder to break into, but airlines have said that they aren’t necessary.
For example, United told the Chicago Tribune in 2013 that “security measures have evolved in the years since the secondary barriers were ordered, and many more layers of security now exist.”
The 2015 Germanwings crash, in which a plane was deliberately flown into a mountain by a pilot who had locked his co-pilot out of the flight deck, highlighted the potential drawbacks of impenetrable cockpit doors if additional safety procedures are not put in place. These include not allowing someone to be left alone in the cockpit, a Federal Aviation Administration policy that was also adopted by German airlines after the crash.
TechCrunch has contacted United Continental for more information.
Featured Image: United Airlines