It is a refreshing change to see a company show that they care about passenger’s personal information—especially an airline routinely assailed by customers in consumer surveys. In this day and age where it seems like no one is safe from hackers of any background or motives, United Airlines has issued a “hack challenge”, offering free air miles for anyone who can find a vulnerability. This is a great move from UAL, a surefire win-win. If no vulnerabilities are detected, UAL security systems are shown to be effective. If there are any vulnerabilities, they will be found by people looking for air mile points, rather than someone looking to exploit personal information. The best defense against online attacks is to simulate them, and there are always people out there who will find new and improved ways of targeting systems that you would not have thought of. If only Sony would try something like this.
Sony Entertainment in the past 5 years have been victim to two of the biggest, most widely publicized online attacks in recent history. Starting in 2011, Sony Playstation’s online service was attacked and the personal information of approximately 77 million users was compromised. Additionally, the service was down for 23 days, inaccessible to paying customers. Then, in 2014 Sony Executives were hacked and had scripts stolen, movies leaked, and their dirty laundry contained in emails aired out for all of the general public to see. In one of the emails leaked, the chairperson of Sony Pictures of America Amy Pascal and producer Scott Rudin was seen making racially charged comments about President Barack Obama, which drew heavy backlash from civil rights groups including Color of Change. Rudin and Pascal publically apologized for the comments, claiming they were “Private e-mails between friends and colleagues written in haste and without much thought or sensitivity, even when the content of them is meant to be in jest, can result in offense where none was intended”, and “the most hurtful e-mail came out…I’m so disappointed in myself, that I ever would have had such a lapse in my thinking. Of all the things I thought might be said about me, this was the last one, and I feel awful”, respectively. Pascal lost her job for the indiscretion, while Rudin, somehow, kept his job.
The takeaway from the Sony debacle is that anything said digitally could potentially be said to the world, and should be treated as such. The harsh reality is that the notion of a private exchange between two or more people may no longer exist, and anything said should be something you and your company could stand behind, rather than be embarrassed from and need to apologize for. If transparency is the new name of the game, then we should all aim to better ourselves so that we are always the people we want people to see us as. A momentary lapse of judgment can get you in some really hot digital water.
But if we can’t be better people, and the history of human nature argues that may be the case, we can at least have more secure data to protect our customers and employees. United’s effort to “crowdsource” a more secure system is transparent, commendable and hopefully, for all of us, successful.