Originally Posted by
Loren Pechtel
I think this must be a hack, not merely guessing. It seems like the IP is reporting as the same IP as booked it, something that in most cases would be very hard for a hacker to accomplish.
I think the IP thing is a flaw in part of SHARES PNR history where only the IP address that was used to create the booking online is logged.
To access the details of the IP addresses that made the subsequent cancellation, one must check the logs of the web server (which requires someone in the IT security department).
All the PNR shows is that the booking was cancelled by someone not logged in to united.com