In his investigation, Justin said he discovered that the bucket belongs to an airline or a payment processor for an airline. After a thorough investigation and review, he concluded it belonged to Arik Air, which he had never heard of. He noted, however, that the airline describes itself as West Africa’s leading airline.
Arik has been having some financial troubles that led to a government takeover. Justin also tried for one month to reach Arik Air for a response to this major find, and there was no response. He tried their security email (email@example.com), which bounced back, and the addresses published on their website (firstname.lastname@example.org), which received no reply, according to him. He also reached out to them on Twitter to no avail, but after several attempts on Facebook, Arik Air responded to say it would review the data he found and his report.
What Was Found in This Bucket?
It contains 994 CSV files (that is, 994 Excel files); some of them contain over 80,000 rows, others over 46,000 rows, and some only 3 rows of data.
Here’s a sampling of the data points that were leaked:
- Customer email address
- Customer name
- Customer’s IP at time of purchase
- A hash of the customer’s credit card
- What appears to be the last 4 digits of the credit card used
- What may be the first 6 digits of the credit card used
- A unique device fingerprint (presumably the user’s mobile or desktop device?)
- Type of currency used
- Payment card type
- Business name related to the purchase (more on this below)
- Amount of purchase
- Date of purchase
- Country of origin of the purchaser
- Charge message (chargemessage) associated with the purchase (more on this below)
- The “sector” field was populated in some cases. This appears to include the specific departing airport and arriving airport (more on this below).
Other high-level information about this bucket:
High-level stats
| Statistic | Value |
|---|---|
| Number of files in the bucket | 994 CSV files |
| Date range of leaked data | “2017-12-31T02:25:59.000Z” – “2018-03-16T14:08:50.000Z” (roughly 3.5 months of data) |
| Unique customer names | 54,011 |
This basically exposes customers’ information, from business names to OTP (one-time password) messages for payments, bank details, flight details, destinations, etc. In the wrong hands, all of this can expose customers to kidnapping, fraud and extortion.
Other stats found in this Arik Air data breach are listed below.
Information below is in the format:
Friendly name (fieldname)
Customer Email (custemailprovider)
| CUSTOMER EMAIL PROVIDER | COUNT |

| TYPE OF CURRENCY | COUNT |
Account business name (acctparentbusinessname)
| ACCOUNT BUSINESS NAME | COUNT |
|---|---|
| Access Bank Ghana Plc | 760 |
| Union Bank PLC | 272 |
| Gene Solutions Multiservices Company | 68 |
| Crenet TechLabs Limited | 34 |
Account country (acctcountry)
Payment type (paymenttype)
Payment card type (pcardtype)
Examples of data breaches in recent years can be found below:
1. Yahoo
Impact: 3 billion user accounts
Details: In September 2016, the once-dominant Internet giant, while in negotiations to sell itself to Verizon, announced it had been the victim of the biggest data breach in history, likely by “a state-sponsored actor,” in 2014. The attack compromised the real names, email addresses, dates of birth and telephone numbers of 500 million users. The company said the “vast majority” of the passwords involved had been hashed using the robust bcrypt algorithm.
A couple of months later, in December, it buried that earlier record with the disclosure that a breach in 2013 by a different group of hackers had compromised 1 billion accounts. Besides names, dates of birth, email addresses and passwords that were not as well protected as those involved in 2014, security questions and answers were also compromised. In October of 2017, Yahoo revised that estimate, saying that, in fact, all 3 billion user accounts had been compromised.
The breaches knocked an estimated $350 million off Yahoo’s sale price. Verizon eventually paid $4.48 billion for Yahoo’s core Internet business. The agreement called for the two companies to share regulatory and legal liabilities from the breaches. The sale did not include a reported investment in Alibaba Group Holding of $41.3 billion and an ownership interest in Yahoo Japan of $9.3 billion.
Yahoo, founded in 1994, had once been valued at $100 billion. After the sale, the company changed its name to Altaba, Inc.
2. Adult Friend Finder
Date: October 2016
Impact: More than 412.2 million accounts
Details: The FriendFinder Network, which included casual hookup and adult content websites like Adult Friend Finder, Penthouse.com, Cams.com, iCams.com and Stripshow.com, was breached sometime in mid-October 2016. Hackers collected 20 years of data on six databases that included names, email addresses and passwords.
Most of the passwords were protected only by the weak SHA-1 hashing algorithm, which meant that 99 percent of them had been cracked by the time LeakedSource.com published its analysis of the entire data set on November 14.
CSO Online’s Steve Ragan reported at the time that, “a researcher who goes by 1x0123 on Twitter and by Revolver in other circles posted screenshots taken on Adult Friend Finder (that) show a Local File Inclusion vulnerability (LFI) being triggered.” He said the vulnerability, discovered in a module on the production servers used by Adult Friend Finder, “was being exploited.”
AFF Vice President Diana Ballou issued a statement saying, “We did identify and fix a vulnerability that was related to the ability to access source code through an injection vulnerability.”
3. eBay
Date: May 2014
Impact: 145 million users compromised
Details: The online auction giant reported a cyberattack in May 2014 that it said exposed names, addresses, dates of birth and encrypted passwords of all of its 145 million users. The company said hackers got into the company network using the credentials of three corporate employees, and had complete inside access for 229 days, during which time they were able to make their way to the user database.
It asked its customers to change their passwords, but said financial information, such as credit card numbers, was stored separately and was not compromised. The company was criticized at the time for a lack of communication informing its users and poor implementation of the password-renewal process.
CEO John Donahoe said the breach resulted in a decline in user activity, but had little impact on the bottom line – its Q2 revenue was up 13 percent and earnings up 6 percent, in line with analyst expectations.
4. Equifax
Date: July 29, 2017
Impact: Personal information (including Social Security Numbers, birth dates, addresses, and in some cases drivers’ license numbers) of 143 million consumers; 209,000 consumers also had their credit card data exposed.
Details: Equifax, one of the largest credit bureaus in the U.S., said on Sept. 7, 2017, that an application vulnerability on one of their websites led to a data breach that exposed about 147.9 million consumers. The breach was discovered on July 29, but the company says that it likely started in mid-May. (Credit: CSO)
A prominent example of one of these data breaches is Facebook during the 2016 presidential elections in the United States. Other examples that border on dating sites have also happened, and this exposes customers to blackmail and the like if such data gets into the wrong hands.
As much as protecting customers’ data is extremely important, it is also very expensive for many companies to do. The infrastructure and expertise require massive spending on artificial intelligence and machine learning.