Originally Posted by
justforfun
LH is also responsible for the integrity of their reservations. Did they adequately identify the id of the person cancelling the ticket? Obviously not. That seems to be a huge security breach on their end. Not only should they have reinstated the ticket, but they should launch a full investigation as well.
Unfortunately all you need is the last name and a PNR. Her email account login system shows it came from about 5000 miles to where LH just flew her yesterday. Some airlines print the PNR on a BP so you could get this info from spying on other pax in the boarding queue.
She has told me that LH have just changed the flight within the same PNR meaning the PNR meaning the hacker could cancel the ticket again with no further details required!