The problem is too expensive to fix, but not for the reason you mentioned.
Many passengers struggle with flying, due to inexperience, carelessness, distractions, or fear of flying, or they lack the mental capacity to understand everything they need to do. These people need the simplest possible way to access their flight info. That means helping them as much as possible by printing the booking code on the luggage tags, flight coupons, boarding passes, everything.
So far, it's much cheaper to accept the risk of a few people messing with the flight info, rather than dealing with millions of scared, confused, and/or angry travelers stuck in an unplanned layover because they didn't have the ability to access their connecting flight information.
That could change if someone figures out how to monetize this hack safely, but that's very unlikely. The booking code isn't the only security measure in place. The hackers can change a flight, but a passenger complaining at a gate will win out over an online change; anyone attempting to cash in on the fraudulently changed ticket risks felony theft and fraud charges.