Codes used to access the cockpits of United Airlines flights were inadvertently made public this week, according to a report from The Wall Street Journal. Citing a pilot who was briefed on the matter, the Journal reported on Sunday that a United Airlines flight attendant accidentally posted the codes online, adding that the incident was not the result of a data breach or hack. The airline told Reuters on Monday that the codes may have been made public, though it did not confirm whether they were posted online by a flight attendant.
In an email sent to employees on Saturday, and cited by CBS News, United said it was working on a “corrective action plan,” and reminded pilots that “the risk of a breach of the flight deck door is strongly mitigated by carefully following the flight deck security procedures.” Until the airline issues new access codes, pilots would have to visually identify individuals before allowing them in the cockpit, according to the Journal. A United spokesperson told Reuters on Monday that the airline is “working to resolve this issue as soon as possible.”
US airlines installed cockpit access codes following the September 2001 terrorist attacks, when hijackers successfully commandeered four planes. In a statement released Monday, the United branch of the Air Line Pilots Association said last week’s incident underscores the need for secondary barriers to cockpit doors. The union noted that it has been advocating for such additional security measures for 16 years, adding that each secondary barrier would cost “approximately $5,000.”
"The installation of secondary barriers on all passenger aircraft is a simple and cost effective way to bolster the last line of flight deck defense," the union said.