The issue was first noticed by Dani Grant, an ad product intern at BuzzFeed and founder of Hackers of NY, discovered the flaw when she realized she could simply share the URL and anyone can access her boarding pass. She immediately emailed the Delta security team about this flaw and got a stereotype feedback from them. Shocked Dr.Grant took to web and posted her boarding passes and the flaw.
Dr.Grant noticed that by changing the number in the boarding pass url she could view someone elses boarding pass. Similarly someone somewhere may view her boarding pass and abuse it with mala fide intent. A thorough identity check at the airport gates could prevent misuse of such cloned boarding passes but what happens if some lazy security guards let the person in. With 9/11 like scenarios and yesterdays Lindt Cafe siege can the Airline be so careless? Seems like Delta is taking some action