Skip to main content

Tech: Arik Air suffers massive leak that may put over 600,000 customers' data in danger

Arik Air suffers massive leak that may put over 600,000 customers' data in danger

Justin Paine, Head of Trust & Safety, Cloudflare, who conducted the research, says the sensitive files were owned by Arik Air, and the bucket contains 994 CSV files.

Arik Air has suffered a massive data leak compromising over 600,000 customers' details in an Amazon S3 leak.

The large file in CSV files was detected in a research conducted by Justin Paine, Head of Trust & Safety, Cloudflare, an internet security company based in U.S.

According to Justin, these sensitive files were owned by Arik Air, "West-Africa's leading airline" and the bucket contains 994 CSV files.

Some of these CSV files contain in excess of 80,000+ rows of data while other files contain 46,000+ rows of data, and in some cases, files only contain 3 rows of data, ” Justin said in a report via the website - rainbowtabl.es.

Why customer's information is in danger

According to him, a malicious person could potentially use this sensitive information to the target one of these customers of Arik Air for identity theft.

“With the information included in this leak a fraudster would have plenty of useful data points -- the person's name, email, first 6 and last 4 of the credit card, and a hint as to what the person's 2FA values might be so they could then focus on compromising that 2FA account (email or phone number) to take steal the users identify.

Some of the customers' data are from Teflon Hub, PayportSA, Flutterwave, Ntel and some commercial banks in Nigeria and other African countries with passengers on Lagos to Port Harcourt flights as most affected.

 

Information such as “dates of sale, payment values, types of currency used, device fingerprints -- which may relate to the use of mobile devices or desktop systems -- and in some cases, the departing and arriving airports all appear to be in the data dump.”

Justin Paine reaches out to reach Arik Air

Justin Paine, the data researcher said he contacted Arik Air over a month ago to disclose the leak but unable to reach them after multiple attempts.

“... after multiple messages on their corporate Facebook page and Facebook messages I eventually received a reply and they provided me with the email address for a security point of contact. Several days later the security point of contact confirmed they would review my report, and that was the last I heard from Arik Air. In all -- roughly 1 month elapsed from the time I notified them to the time they took action to acknowledge my report and to secure their customer's data.

It is not certain if any data have been affected by the leak but this could cause customers a whole lot of hard earned cash and could be among the biggest leak in Africa.

Nigerians react to report on data leak

Akin Oyebode in a twitter post described the inability of Arik Air to respond as a madness.

A breach of individual and corporate information, and it takes a month for Arik to reply or take action. See the corporate details exposed, includes banks. Madness.

 

Business Insider SSA contacts Arik Air communications team

Several calls from Business Insider SSA to Arik Air on Wednesday, October 31, 2018, were unanswered.

But Sources told BISSA that the organisation is currently working on the data leak report as some heads may roll in the coming days.

ridoola.blogspot.com.ng
Labels:

Comments

Post a Comment

Popular posts from this blog

Okpebholo suspends A-G & LG Chair under 3 months over finance dealings

The Edo Government has announced the suspension of Samson Osagie , its Attorney-General and Commissioner for Justice, and Damian Lawani , chairman of the Local Government Service Commission. Mr Musa Ikhilor , Secretary to the State Government (SSG) announced the suspension in a statement in Benin on Thursday morning. ALSO READ: Kano Govt suspend 2 school principals for alleged absenteeism, negligence Ikhilor said the two-state top officials were suspended over allegations of “grave official and financial interactions”. Okpebholo suspends Edo Attorney-General and LG Service Commission Chairman According to him, the suspension, which takes immediate effect, is pending the conclusion of an investigation into the allegations. The SSG said; It is hereby announced for the information of the general public that Gov. Monday Okpebholo has approved the suspension from office of the Chairman of Edo Local Government Service Commission, Damian Lawani and Commissioner for Justice, Samson Os...
Post a Comment
Read more

Tinubu appoints MKO Abiola's son, Jamiu as SSA on Linguistics & Foreign Matters

President Bola Tinubu has appointed Jamiu Abiola as the Senior Special Assistant to the President on Linguistics and Foreign Matters. The appointee is one of the children of the late Chief Moshood Kolawole Abiola , the winner of the 1993 presidential election annulled by General Ibrahim Babangida . According to a statement by Segun Imohiosen , the Director of Information and Public Relations, Office of the Secretary to the Government of the Federation on Wednesday, November 27, 2024, Jamiu's appointment took effect from November 14, 2024. Imohiosen said the appointment aligns with the provisions of the Certain Political and Judicial Office Holders (Salaries and Allowances, etc) Act 2008, as amended. Until his recent deployment, the appointee served as the Special Assistant to the President of Special Duties in the office of the Vice President. Tinubu tasked Jamiu to work closely with the Federal Ministry of Foreign Affairs and bring his wealth of experience to bear in his new ...
Post a Comment
Read more

Protesters block East-West road in Rivers, demand action on poverty & hunger

The protesters chose to spotlight the East-west road in the expression of their anger over hunger, poverty and infrastructure deficit in the supposed viable business area. The ongoing nationwide protest, on Monday, spread to the Eleme/Onne section of the East/West Road of Rivers as a large crowd of protesters stormed the popular section connecting the Port Harcourt refineries. The News Agency of Nigeria (NAN) reports that the Akpajo axis of the East-West Road, up to the entrance leading to Indorama Petrochemicals, was taken over by angry protesters, who disrupted free vehicular movements. The East-west road is a major route connecting Port Harcourt city to key business facilities, like the Onne seaport, Port Harcourt refineries, Indorama Petrochemicals and more than six Local Government Areas of the state. The protesters, who carried on their activities peacefully, displayed placards with inscriptions, expressing dissatisfaction over the pervasive poverty, hunger and high cost of ...
Post a Comment
Read more