Lately, I was browsing the homepage of an airline holiday flights. The prospective flight date wasn't too far off, so there weren't many low-price seats left on those planes. When I had decided on a route for my friend and me, I clicked 'next' in their online form, taking me from the date/price overview to entering the names of the passengers. I entered my name, and... Aw, shoot. I'd forgotten to choose 'two passengers'. So I went back, picked our date/price again, entered my name and... Oh dammit, I forgot to put in my friend's name as well. So I went back, and did it all right this time, only to see that they wouldn't accept any other means of payment other than credit cards. Well shoot, I don't have one.
So I called up their hotline (which has a very good service and friendly operators) and asked them how I could book a flight witout a credit card, and the lady told me that this would only be possible through a travel agent's. Very well, it would mean an extra booking fee, but I didn't seem to have a choice. I thanked her, hung up and called up Germany's two or three most popular online booking sites. I entered our flight dates and... WTF!? All of a sudden, the flight costs almost 100 Euros more per person. Wait, they had to be wrong, I'd been about to book the flight at the lowest possible price just five minutes ago! But all the other booking sites concurred. I headed back to the airline's homepage - at least they would have to be right about the state of their reservations. But there it was, no more cheap seats, and my holiday looking blown.
Determined to get to the root of this, I called up their hotline and explained my dilemma. "Well," the lady said, "somebody must have booked all the remaining seats just now!" Something horrible was dawning on me, and I asked very carefully, "C-Could it have been... me?" I told her my name and that I had entered it into the reservation form a couple of times, but always aborted the process for some reason or other. She went clickety-click, and - "Oh yes, that's you! I see that you've made three reservations!" She was kind enough to cancel the redundant reservations and call me back later so I could book the flights with a friend's credit card.
Only when I had hung up did I realize what this incident revealed about their website. Any person with a browser could pick out a flight, enter the names of Donald Duck and Oscar Wilde for travellers, click 'next' and then just close their browser window, and to any travel agent's office and travel booking site in the world, these seats would be shown as unavailable, forcing others to pick seats at higher prices or even change their flight dates. IMO, this is a terrible vulnerability, allowing people to DoS the airline itself without anybody noticing.
Now, I don't know what to do. I can't call the hotline about this, because the ladies there don't know anything about their website's design, and I'm sure they couldn't just get a developer on the phone. If I wrote and email to some service address of theirs, I'm certain it would be answered with some standard response about how they appreciate my input and then be forgotten. In short: I seem to be unable to reach anybody at that company who would understand the seriousness of this and be able to do something about it. What do you suggest I do?