');mask-image:url('data:image/svg+xml;utf8, ');content:'';margin:0 .4rem;display:inline-block;vertical-align:middle;line-height:1}.breadcrumb-trail .trail-items li:last-child:after{display:none}.bloghash-breadcrumbs{font-size:1.4rem;border-width:0}#page .page-header .bloghash-breadcrumbs a>span{color:inherit}#bloghash-copyright .bloghash-flex-row>div:empty{display:none}#bloghash-copyright>.bloghash-container>.bloghash-flex-row>div{width:auto;padding-top:.6rem;padding-bottom:.6rem}.bloghash-copyright-layout-1 #bloghash-copyright>.bloghash-container>.bloghash-flex-row>div{-ms-flex-preferred-size:100%;flex-basis:100%;-ms-flex-negative:0;flex-shrink:0;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center}#bloghash-scroll-top{-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;position:fixed;bottom:2.5rem;right:2rem;z-index:997;width:4rem;height:4rem;opacity:0;-webkit-transform:translate3d(0,3rem,0);transform:translate3d(0,3rem,0)}#bloghash-scroll-top .bloghash-scroll-icon{overflow:hidden;z-index:2}#bloghash-scroll-top .bloghash-icon{-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;height:2rem;color:var(--bloghash-white);-webkit-transform:translateY(1.1rem);-ms-transform:translateY(1.1rem);transform:translateY(1.1rem)}#bloghash-scroll-top:before{content:'';z-index:1;border-radius:10rem;background-color:var(--bloghash-primary);-webkit-transform:scale(1);-ms-transform:scale(1);transform:scale(1);border:.1rem solid rgba(185,185,185,.4)}#bloghash-scroll-top svg{fill:var(--bloghash-white)}.bloghash-widget.widget:not(.widget_text):not(.hester-core-custom-list-widget) ol{list-style:none;margin-left:0;margin-right:0}#main .bloghash-widget{overflow:hidden}#main .bloghash-widget{margin-bottom:4rem}.widget ol{line-height:1.5}.widget ol:last-child{margin-bottom:0}.widget ol li{margin-bottom:1rem}.widget.bloghash-entry p{margin-top:1.6rem;margin-bottom:1.6rem}.widget.bloghash-entry p:last-child{margin-bottom:0}.widget.widget_block li a{position:relative;z-index:0}.widget.widget_recent_comments li{margin-bottom:1.6rem}.bloghash-entry>:first-child{margin-top:0}.bloghash-entry>:last-child{margin-bottom:0}.bloghash-entry ol{margin-left:4rem}.bloghash-entry ol{margin-bottom:2rem;margin-top:2rem}.bloghash-entry p{margin-bottom:1.5rem;margin-top:1.5rem}.entry-media{margin-bottom:2.5rem}.entry-media img{margin:0 auto;display:block}.single-post .entry-media{margin-bottom:4rem}.single .post-category{margin-bottom:.3rem;font-size:1.4rem}.single .post-category a{-js-display:inline-flex;display:-webkit-inline-box;display:-ms-inline-flexbox;display:inline-flex;margin:0 .4rem .8rem}.single .post-nav .nav-previous .nav-content span{padding-right:2rem}.single.bloghash-page-title-align-left .bloghash-article>.post-category{text-align:start}#cancel-comment-reply-link{font-size:1.3rem;border-radius:var(--bloghash-normal-radius);border:.2rem solid currentColor;font-weight:500;padding:.4rem .7rem;line-height:1;text-decoration:none;text-transform:capitalize;margin-left:1.4rem;color:inherit}button.bloghash-animate-arrow{-webkit-appearance:none;border:none;-webkit-box-shadow:none;box-shadow:none;background:0 0;outline:none}.bloghash-animate-arrow .arrow-bar{-webkit-transform:scaleX(0);-ms-transform:scaleX(0);transform:scaleX(0)}.bloghash-animate-arrow svg{vertical-align:middle}.bloghash-animate-arrow.right-arrow svg{-webkit-transform:rotate(180deg);-ms-transform:rotate(180deg);transform:rotate(180deg)}.bloghash-animate-arrow.right-arrow .arrow-bar{-webkit-transform-origin:100% 0;-ms-transform-origin:100% 0;transform-origin:100% 0}.bloghash-animate-arrow.right-arrow .arrow-handle{-webkit-transform:translateX(.6rem);-ms-transform:translateX(.6rem);transform:translateX(.6rem)}.bloghash-hamburger{padding:0;display:inline-block;font:inherit;color:inherit;text-transform:none;background-color:transparent;border:0;margin:0;overflow:visible}.hamburger-box{width:2.5rem;height:1.4rem;display:inline-block;position:relative}.hamburger-inner{display:block;top:50%;margin-top:-.1rem}.hamburger-inner,.hamburger-inner:before,.hamburger-inner:after{width:2.8rem;height:2px;background-color:#111827;border-radius:var(--bloghash-normal-radius);position:absolute}.hamburger-inner:before,.hamburger-inner:after{content:"";display:block}.hamburger-inner:before{top:-5px}.hamburger-inner:after{bottom:-5px}.bloghash-mobile-nav{order:1;display:none;margin-left:2.4rem}.bloghash-hamburger,.bloghash-mobile-nav{-webkit-box-align:center;-ms-flex-align:center;align-items:center}body:not(.is-mobile-menu-active) .bloghash-hamburger .hamburger-box .hamburger-inner:before{width:1.5rem}.bloghash-hamburger{-js-display:inline-flex;display:-webkit-inline-box;display:-ms-inline-flexbox;display:inline-flex;border-radius:var(--bloghash-normal-radius)}.bloghash-hamburger .hamburger-inner,.bloghash-hamburger .hamburger-inner:before,.bloghash-hamburger .hamburger-inner:after{background-color:currentColor}#bloghash-header:after{content:'';position:fixed;top:100%;left:0;right:0;height:100vh;background-color:rgba(255,255,255,.85);z-index:991;opacity:0;visibility:hidden;will-change:opacity,visibility;-webkit-transform:translate3d(0,0,0);transform:translate3d(0,0,0)}@media only screen and (min-width:600px){.site .bloghash-flex-row .start-sm{-webkit-box-pack:start;-ms-flex-pack:start;justify-content:flex-start;text-align:start}.site .bloghash-flex-row .end-sm{-webkit-box-pack:end;-ms-flex-pack:end;justify-content:flex-end;text-align:end;margin-left:auto}}@media only screen and (min-width:782px){.site .bloghash-flex-row .col-md{-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;-ms-flex-negative:1;flex-shrink:1;max-width:100%;-ms-flex-preferred-size:0;flex-basis:0}.site .bloghash-flex-row .col-md.flex-basis-auto{-ms-flex-preferred-size:auto;flex-basis:auto}.site .bloghash-flex-row .end-md{-webkit-box-pack:end;-ms-flex-pack:end;justify-content:flex-end;text-align:end;margin-left:auto}}@media only screen and (max-width:868px){.bloghash-hide-mobile-tablet{display:none!important}.bloghash-container{padding:0 3rem}.bloghash-header-widgets .bloghash-header-widget,.bloghash-header-widgets .bloghash-header-widget.bloghash-header-widget__button{padding-left:1rem;padding-right:1rem}.bloghash-mobile-nav{margin-left:1.6rem}}@media only screen and (max-width:599px){#bloghash-header-inner .bloghash-widget-wrapper,.bloghash-header-element,.bloghash-header-widgets .bloghash-header-widget{position:static}.bloghash-header-widgets .dropdown-item:after{display:none}.page-header>.bloghash-container{-webkit-box-align:start;-ms-flex-align:start;align-items:flex-start;-webkit-box-orient:vertical;-webkit-box-direction:normal;-ms-flex-direction:column;flex-direction:column}}@media only screen and (max-width:480px){#page{min-height:-webkit-fill-available}}@media only screen and (max-width:960px){#bloghash-topbar>.bloghash-container>.bloghash-flex-row>div .bloghash-topbar-widget{padding-top:.6rem;padding-bottom:.6rem}#bloghash-topbar .bloghash-topbar-widget{padding-left:.8rem;padding-right:.8rem}.bloghash-topbar__separators-regular #bloghash-topbar .bloghash-topbar-widget:after{margin-left:.8rem}#main>.bloghash-container{display:block}#primary{max-width:100%!important;padding-left:0!important;padding-right:0!important;margin-top:4rem}.site-main #secondary{width:100%;margin-top:4rem}}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.site .bloghash-flex-row:after{content:'';display:block;min-height:inherit;font-size:0}.bloghash-btn{height:1rem}#main>.bloghash-container #primary{-ms-flex-preferred-size:0%;flex-basis:0%}}.bloghash-btn{background-color:var(--bloghash-primary)}#bloghash-topbar .bloghash-topbar-widget__text .bloghash-icon{color:var(--bloghash-primary)}#masthead .bloghash-header-widgets .dropdown-item:after,.bloghash-nav>ul .sub-menu:after{border-bottom-color:var(--bloghash-primary);outline:none!important}.bloghash-header-widgets .dropdown-item,.bloghash-nav .sub-menu{border-top-color:var(--bloghash-primary)}::-webkit-selection{background-color:var(--bloghash-primary);color:var(--bloghash-white)}::-webkit-scrollbar-thumb{background:rgba(0,0,0,.2)}::-webkit-scrollbar-thumb:hover{background:rgba(0,0,0,.4)}.mr-1{margin-right:.4rem}a.bloghash-btn i{font-size:105%;vertical-align:baseline}a.bloghash-btn i:before{display:inline-block;vertical-align:middle}a.bloghash-btn span{vertical-align:baseline;line-height:normal}@media (prefers-reduced-motion:reduce){*{animation-duration:0s!important}}.bloghash-glassmorphism{position:fixed;right:0;left:0;bottom:0;display:flex;overflow:hidden;z-index:-1}.bloghash-glassmorphism .block{width:28.8rem;height:28.8rem;filter:blur(64px);mix-blend-mode:multiply;border-radius:999px;display:block;opacity:.1}.bloghash-glassmorphism .block.one{margin-top:5rem;background-color:rgba(239,35,60)}.bloghash-glassmorphism .block.two{margin-top:16rem;margin-left:-8rem;background-color:rgba(4,134,139)}@media only screen and (min-width:768px){.bloghash-glassmorphism{top:4rem}}@media only screen and (min-width:1024px){.bloghash-glassmorphism .block{width:38.4rem;height:38.4rem}}@media only screen and (min-width:1280px){.bloghash-glassmorphism{top:8rem}}.post-category .cat-links a.cat-31{color:#f43676;background:#fdd7e4}:root{--bloghash-primary:#f43676;--bloghash-primary_80:#fdd7e4;--bloghash-primary_15:#f6558b;--bloghash-primary_27:rgba(244,54,118,.27);--bloghash-primary_10:rgba(244,54,118,.1)}#bloghash-topbar{background:#f43676;background:-webkit-linear-gradient(45deg,#f43676 0,rgba(226,181,181,.39) 100%);background:-o-linear-gradient(45deg,#f43676 0,rgba(226,181,181,.39) 100%);background:linear-gradient(45deg,#f43676 0,rgba(226,181,181,.39) 100%)}#bloghash-topbar{border-style:solid}.bloghash-topbar-widget:after{background-color:#ccc}#bloghash-topbar{color:#002050}.bloghash-topbar-widget .bloghash-nav>ul>li>a,#bloghash-topbar .bloghash-topbar-widget__text .bloghash-icon{color:#302d55}#bloghash-header-inner{background:#fff}#bloghash-header,.bloghash-header-widgets a:not(.bloghash-btn),.bloghash-logo a,.bloghash-hamburger{color:#131315}#bloghash-header-inner{border-color:rgba(185,185,185,.4);border-bottom-width:1px}.bloghash-header-widget:after{background-color:#ccc}@media screen and (max-width:960px){#bloghash-header-inner .bloghash-nav{display:none;color:#000}.bloghash-mobile-toggen,.bloghash-mobile-nav{display:inline-flex}#bloghash-header-inner{position:relative}#bloghash-header-inner .bloghash-nav>ul>li>a{color:inherit}#bloghash-header-inner .site-navigation{display:none;position:absolute;top:100%;width:100%;height:100%;min-height:100vh;left:0;right:0;margin:-1px 0 0;background:#fff;border-top:1px solid #eaeaea;box-shadow:0 15px 25px -10px rgba(50,52,54,.125);z-index:999;font-size:1.7rem;padding:0}#bloghash-header-inner .site-navigation>ul{overflow-y:auto;max-height:68vh;display:block}#bloghash-header-inner .site-navigation>ul>li>a{padding:0!important}#bloghash-header-inner .site-navigation>ul li{display:block;width:100%;padding:0;margin:0;margin-left:0!important}#bloghash-header-inner .site-navigation>ul .sub-menu{position:static;display:none;border:none;box-shadow:none;border:0;opacity:1;visibility:visible;font-size:1.7rem;transform:none;background:#f8f8f8;min-width:initial;left:0;padding:0;margin:0;border-radius:0;line-height:inherit}#bloghash-header-inner .site-navigation>ul .sub-menu>li>a>span{padding-left:50px!important}#bloghash-header-inner .site-navigation>ul .sub-menu a>span{padding:10px 30px 10px 50px}#bloghash-header-inner .site-navigation>ul a{padding:0;position:relative;background:0 0}#bloghash-header-inner .site-navigation>ul li{border-bottom:1px solid #eaeaea}#bloghash-header-inner .site-navigation>ul>li:last-child{border-bottom:0}#bloghash-header-inner .site-navigation>ul a>span{padding:10px 30px!important;width:100%;display:block}#bloghash-header-inner .site-navigation>ul a>span:after,#bloghash-header-inner .site-navigation>ul a>span:before{display:none!important}#bloghash-header-inner .site-navigation>ul .menu-item-has-children>a{display:inline-flex;width:100%;max-width:calc(100% - 50px)}#bloghash-header-inner .bloghash-nav .menu-item-has-children>a>span{border-right:1px solid rgba(185,185,185,.4)}#bloghash-header-inner .bloghash-nav .menu-item-has-children>a>.bloghash-icon{transform:none;width:50px;margin:0;position:absolute;right:0;height:1em;display:none}.bloghash-mobile-toggen{width:50px;height:1em;background:0 0;border:none}.bloghash-mobile-toggen .bloghash-icon{transform:none;width:50px;margin:0;position:absolute;right:0;height:1em}}.bloghash-nav.bloghash-header-element,.bloghash-header-layout-1 .bloghash-header-widgets{font-weight:600;font-family:"Inter Tight",Helvetica,Arial,sans-serif;font-size:1.7rem;line-height:1.5}#secondary{width:30%}body:not(.bloghash-no-sidebar) #primary{max-width:70%}.bloghash-layout__boxed-separated #content>article,.bloghash-layout__boxed-separated.bloghash-sidebar-style-2 #secondary .bloghash-widget{background-color:#fff}body{color:#002050}a{color:#302d55}:root{--bloghash-secondary:#302d55}.bloghash-container{max-width:1480px}.bloghash-logo img{max-height:45px}.bloghash-logo .logo-inner{margin-top:27px;margin-right:10px;margin-bottom:27px;margin-left:10px}@media only screen and (max-width:768px){.bloghash-logo .logo-inner{margin-top:25px;margin-right:1px;margin-bottom:25px}}.page-header{background:rgba(244,54,118,.1)}.page-header{border-color:rgba(0,0,0,.062);border-style:solid;border-bottom-width:1px}.bloghash-breadcrumbs{padding-top:15px;padding-bottom:15px}html{font-size:62.5%}@media only screen and (max-width:768px){html{font-size:53%}}@media only screen and (max-width:480px){html{font-size:50%}}*{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased}body{font-weight:400;font-family:"Be Vietnam Pro",Helvetica,Arial,sans-serif;font-size:1.7rem;line-height:1.75}.bloghash-btn{color:#fff;border-color:rgba(0,0,0,.12);border-width:.1rem;border-top-left-radius:.8rem;border-top-right-radius:.8rem;border-bottom-right-radius:.8rem;border-bottom-left-radius:.8rem}.bloghash-btn{font-weight:500;font-family:"Be Vietnam Pro",Helvetica,Arial,sans-serif;font-size:1.8rem}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button,.ss-popup-overlay .ss-copy-action .ss-button,.ss-popup-overlay .ss-popup .ss-close-modal,.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a{border:0;text-shadow:none;-webkit-box-shadow:none;box-shadow:none;outline:0;text-decoration:none;text-transform:none;letter-spacing:0}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-pinit-button,.ss-social-icons-container>li .ss-ss-on-media-button:after{outline:0}.ss-svg-icon{height:16px;width:auto;vertical-align:text-bottom;fill:currentColor}.ss-envelope-color{background-color:#323b43}.ss-facebook-color{background-color:#1877f2}.ss-twitter-color{background-color:#000}.ss-linkedin-color{background-color:#2867b2}.ss-pinterest-color{background-color:#bd081c}.ss-copy-color{background-color:#323b43}.ss-print-color{background-color:#323b43}.ss-mix-color{background-color:#ff8226}.ss-clearfix:after{content:"";display:table;clear:both}:root{--ss-wpadminbar-height:0px}.ss-on-media-image-wrap{display:inline-block!important;position:relative!important;line-height:0}.ss-on-media-image-wrap>img{margin:0!important}.ss-on-media-container{position:relative;margin:0!important;line-height:0}.ss-on-media-container.wp-post-image{text-align:center}.ss-on-media-wrapper{display:none}.ss-on-media-wrapper.ss-on-media-always-visible .ss-social-icons-container{opacity:1}.ss-on-media-wrapper .ss-social-icons-container{opacity:0;position:absolute;z-index:1;display:-webkit-box;display:-ms-flexbox;display:flex;padding:0!important;max-width:initial!important}.ss-on-media-wrapper .ss-social-icons-container>li{display:inline-block;float:left}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button{display:-webkit-inline-box;display:-ms-inline-flexbox;display:inline-flex}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button span{position:relative}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-pinit-button{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row;white-space:nowrap;font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,Arial,"Helvetica Neue",sans-serif;font-weight:400;height:auto!important;width:auto!important;line-height:1!important;padding:10px 16px}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-pinit-button .ss-on-media-content{display:-webkit-box;display:-ms-flexbox;display:flex}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-pinit-button svg{width:auto;margin-right:6px}.ss-on-media-wrapper.ss-top-left-on-media .ss-social-icons-container{top:15px;left:15px}.ss-on-media-wrapper.ss-with-spacing.ss-top-left-on-media .ss-social-icons-container{left:12px}.ss-on-media-wrapper.ss-regular-icons .ss-social-icons-container>li>.ss-pinit-button{padding:12px 18px}.ss-popup-overlay{display:none;font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,Arial,"Helvetica Neue",sans-serif;-webkit-font-smoothing:initial;content:"";position:fixed;top:0;bottom:0;left:0;right:0;z-index:99999;background:rgba(202,202,202,.75);opacity:0}.ss-popup-overlay .ss-copy-action{position:relative;display:none}.ss-popup-overlay .ss-copy-action .ss-copy-action-field{border:1px solid rgba(0,0,0,.1);border-radius:2px;color:#323b43;font-family:inherit;font-size:16px;-webkit-box-sizing:border-box;box-sizing:border-box;width:100%;height:48px!important;line-height:48px!important;padding:0 120px 0 50px!important;text-shadow:none;-webkit-box-shadow:none;box-shadow:none;outline:0;background-color:#fff;margin:0}.ss-popup-overlay .ss-copy-action .ss-button{font-weight:400;font-family:inherit;position:absolute;right:6px;top:5px;background-color:#557ceb;color:#fff;padding:0;line-height:38px;height:38px;width:105px;font-size:16px;z-index:9;border-radius:2px}.ss-popup-overlay .ss-copy-action svg{position:absolute;height:24px;width:24px;top:50%;left:15px;margin-top:-12px;fill:#dadada}.ss-popup-overlay .ss-popup{opacity:0;border-radius:2px;max-width:90%;max-height:90%;width:720px;height:auto}.ss-popup-overlay .ss-popup .ss-popup-heading{display:block;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center;font-size:16px;font-weight:300;color:#323b43;background-color:#fff;line-height:58px;height:58px;padding:0 0 0 24px;margin:0;border-top-left-radius:4px;border-top-right-radius:4px}.ss-popup-overlay .ss-popup .ss-close-modal{margin-left:auto;padding:0 24px;height:100%;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center;color:#a9a9a9}.ss-popup-overlay .ss-popup .ss-close-modal svg{width:16px;height:16px}.ss-popup-overlay .ss-popup .ss-popup-content{position:relative;top:3px;left:0;right:0;bottom:0;max-height:70vh;background-color:#fff;overflow-y:scroll;padding:24px 24px 20px;border-bottom-left-radius:4px;border-bottom-right-radius:4px}.ss-popup-overlay .ss-popup .ss-popup-networks{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row;-ms-flex-wrap:wrap;flex-wrap:wrap;margin:0 -6px}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network{-webkit-box-sizing:border-box;box-sizing:border-box;width:33.33%;padding:0 6px 6px;-ms-flex-negative:0;flex-shrink:0;float:left;display:inline-block}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a{position:relative;-webkit-box-sizing:border-box;box-sizing:border-box;height:40px;padding:0 15px 0 0;display:-webkit-box;display:-ms-flexbox;display:flex;line-height:40px;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row;color:#fff;border-radius:2px;font-weight:500;font-size:13px;vertical-align:middle;-webkit-backface-visibility:hidden;white-space:nowrap;text-overflow:ellipsis}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a span:first-child{position:relative;z-index:2;height:40px;width:40px;text-align:center;line-height:40px;font-size:16px;margin-right:10px;background-color:rgba(0,0,0,.15);display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a svg{fill:#fff;height:16px;width:inherit;z-index:1}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a span:first-child:before{content:"";position:absolute;left:0;top:0;background-color:rgba(0,0,0,.1)}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a span{position:relative;z-index:3}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a:before{position:absolute;content:"";background-color:rgba(255,255,255,0);top:0;left:0;bottom:0;right:0;z-index:1}.ss-share-network-tooltip{font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,Arial,"Helvetica Neue",sans-serif;-webkit-font-smoothing:initial;position:absolute;line-height:1;left:100%;margin-left:12px;background-color:rgba(56,70,84,.85);top:50%;width:auto;white-space:nowrap;padding:8px 10px;border-radius:2px;font-size:12px;color:rgba(255,255,255,.9);z-index:2;opacity:0;-webkit-transform:translateX(-7px) translateY(-50%);-ms-transform:translateX(-7px) translateY(-50%);transform:translateX(-7px) translateY(-50%)}.ss-copy-action .ss-share-network-tooltip{left:auto;margin-left:0;right:100%;margin-right:12px;-webkit-transform:translateX(7px) translateY(-50%);-ms-transform:translateX(7px) translateY(-50%);transform:translateX(7px) translateY(-50%)}.ss-social-icons-container>li .ss-ss-on-media-button:after{content:"";background-color:rgba(0,0,0,0);position:absolute;top:0;left:0;right:0;bottom:0;z-index:1}.ss-on-media-wrapper.ss-circle-icons .ss-social-icons-container>li>.ss-ss-on-media-button{border-radius:52px}.ss-on-media-wrapper.ss-with-spacing .ss-social-icons-container>li{padding:0 3px!important}.ss-on-media-wrapper{font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,Arial,"Helvetica Neue",sans-serif}.ss-on-media-wrapper .ss-social-icons-container{margin:0!important;padding:0;list-style:none}.ss-on-media-wrapper .ss-social-icons-container>li{position:relative;list-style:none;margin:0;padding:0}.ss-on-media-wrapper .ss-social-icons-container>li:before{display:none}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button{position:relative;-webkit-box-sizing:border-box;box-sizing:border-box;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;text-align:center;width:52px;height:52px;line-height:52px;color:#fff;overflow:hidden;vertical-align:middle;font-size:16px;text-decoration:none!important}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button svg{height:16px;width:inherit;z-index:1}@media screen and (max-width:782px){.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network{width:50%}}@media screen and (max-width:500px){.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network{width:100%}}
Australia’s Qantas apologises for mobile app data breach by StuffsEarth - StuffsEarth
Skip to content
Australian flag carrier Qantas has apologised to fliers after a glitch in its mobile application temporarily enabled some customers to view the flights and booking details of other frequent fliers on two separate occasions.
The airline said that no financial information was exposed, and nor were any users able to transfer or use frequent flier points belonging to others. Additionally, nobody was able to board a flight using another customer’s boarding pass – and nor was this attempted.
“We sincerely apologise to customers impacted by the issue with the Qantas app this morning, which has now been resolved,” Qantas said in a statement.
“Current investigations indicate that it was caused by a technology issue and may have been related to recent system changes. At this stage, there is no indication of a cyber security incident.”
The problem first surfaced shortly before 9am in Australia on 1 May 2024 (12am BST) and multiple users reported suddenly being able to view, and apparently amend, the bookings of others. The issue was resolved by 7.50am BST. It is unknown how many, if any, UK citizens or residents were impacted.
Although Qantas has stated that the incident was not the result of direct interference from threat actors, the incident certainly constitutes a serious data breach, and it is possible that had someone with malicious intent had accessed the data of another, they could have used it in a follow-on cyber attack against that individual. The airline has advised fliers to be alert to the possibility for scams and fraud.
Ted Miracco, CEO of mobile application security specialist Approov, said that as such, the incident was highly concerning. “The problem described suggests a significant issue with how user sessions and data are being handled within the app. The Application Programming Interface (API) is incorrectly processing or validating session tokens, leading to unauthorised access to data.
“The exposure of such personal information, including booking details, frequent flyer numbers, and boarding passes, poses serious risks and liability. The data could be used for identity theft, phishing scams, or unauthorised access to further personal information.
“Such a breach should have significant legal and compliance implications, particularly under data protection regulations like the Australian Privacy Act (APA) or GDPR, if any EU citizens are affected, or other local privacy laws, depending on the nationality of the affected passengers,” he added.
API security has become a big issue thanks to the ubiquity of APIs, usage of which is growing at about 200% every single year. There are few pieces of code written in recent years that do not in some way expose or consume an API, and thanks to their mission criticality, dispersed nature, and tendency to bring developers and security teams into conflict, they have become a major attack vector for cyber criminals. Indeed, one of the most significant cyber attacks of recent years to have exploited APIs was a 2022 incident affecting another Australian organisation, telco Optus, which exposed the data of millions of customers.
System changesIf the incident did indeed arise following a botched system change, Qantas joins a growing list of organisations to have experienced similar issues in recent weeks. In March 2024, a number of prominent names on the UK high street, including fast food chain McDonald’s and the Nationwide building society experienced significant outages after mistakes were made during routine upgrade work.
Reference :
Reference link
Scroll to Top