
Arik Air Exposes Customers in Data Breach

Nigeria’s Arik might have violated a major global rule of doing business in the 21st century: the protection of customer data and information. The data breach was revealed by Justin, who uses the handle @xxdesmus and who discovered an Amazon S3 bucket containing large CSV files (spreadsheet-style files that open in Excel).

In his investigation, Justin said he discovered that the bucket belonged to an airline or a payment processor for an airline. After thorough investigation and review, he concluded that it belonged to Arik Air, which he had never heard of. He noted, however, that the airline describes itself as West Africa’s leading airline.

Arik has been having financial troubles that led to a government takeover. Justin also tried for one month to reach Arik Air for a response to this major find, and there was no response. He tried their security email (security@arikair.com), which bounced, and the address published on their website (talktous@arikair.com), which received no reply, according to him. He also reached out to them on Twitter to no avail, but after several attempts on Facebook, Arik Air responded about reviewing the data and the report of what he found.

What Was Found in This Bucket?

It contains 994 CSV files (spreadsheet-style files that open in Excel). Some of them contain more than 80,000 rows, others more than 46,000 rows, and some have only 3 rows of data.

Here’s a sampling of the data points that were leaked:

  • Customer email address
  • Customer name
  • Customer’s IP at time of purchase
  • A hash of the customer’s credit card
  • What appears to be the last 4 digits of the credit card used
  • What appears to be the first 6 digits of the credit card used
  • A unique device fingerprint (presumably the user’s mobile or desktop device?)
  • Type of currency used
  • Payment card type
  • Business name related to the purchase (more on this below)
  • Amount of purchase
  • Date of purchase
  • Country of origin of the purchaser
  • Charge message (chargemessage) associated with the purchase (more on this below)
  • The “sector” field was populated in some cases. This appears to include the specific departing airport and arriving airport (more on this below).

 

Other high-level information about this bucket:

High-level stats

| Stats | Count |
| --- | --- |
| Number of files in the bucket | 994 CSV files |
| Date range of leaked data | “2017-12-31T02:25:59.000Z” – “2018-03-16T14:08:50.000Z” (roughly 3.5 months of data) |
| Unique devicefingerprint | 41,304 |
| Unique pcardl4 | 9,989 |
| Unique pcard6 | 3,517 |
| Unique pcardhash | 71,065 |
| Unique IPs | 35,593 |
| Unique emails | 65,412 |
| Unique customer names | 54,011 |

This basically exposes customers’ information, from business name to OTP (one-time password) messages for payment, bank details, flight details, destination, etc. In the wrong hands, all of this can expose customers to kidnapping, fraud and extortion.

Other stats found in this Arik Air data breach:

Other stats

Information below is in the format:
Friendly name (fieldname)

Customer Email (custemailprovider)

| Customer email provider | Count |
| --- | --- |
| GMAIL | 301376 |
| YAHOO | 203951 |
| COMPANY EMAIL | 81648 |
| YAHOO UK | 17036 |
| HOTMAIL | 11683 |
| MICROSOFT | 4715 |
| YAHOO MAIL | 3673 |
| AOL | 1655 |
| APPLE MAIL | 920 |
| YAHOO INDIA | 529 |
| YAHOO BRAZIL | 126 |
| YAHOO GERMANY | 100 |
| ZOHO | 79 |
| BT UK | 37 |
| YAHOO MEXICO | 30 |
| YANDEX RUSSIA | 9 |
| COMCAST | 6 |

Currency (currency)

| Type of currency | Count |
| --- | --- |
| NGN | 590611 |
| USD | 12105 |
| KES | 10368 |
| EUR | 7848 |
| GBP | 4512 |
| GHS | 2096 |
| ZAR | 39 |

Account business name (acctparentbusinessname)

| Account business name | Count |
| --- | --- |
| Teflon Hub | 268490 |
| PayportSA | 20736 |
| Fidelity Bank | 2625 |
| Access Bank | 2332 |
| Sterling Bank | 1588 |
| Access Bank Ghana Plc | 760 |
| Union Bank PLC | 272 |
| PayByana | 210 |
| Gene Solutions Multiservices Company | 68 |
| Brinq Africa | 60 |
| Crenet TechLabs Limited | 34 |
| Flutterwave | 22 |
| NTEL | 5 |

Account country (acctcountry)

| Account country | Count |
| --- | --- |
| NG | 583059 |
| CA | 22386 |
| CY | 17738 |
| NL | 3070 |
| GH | 805 |
| GB | 242 |
| SE | 236 |
| ZA | 17 |
| BG | 11 |
| IN | 8 |
| 1 | 6 |
| US | 1 |

Payment type (paymenttype)

| Payment type | Count |
| --- | --- |
| card | 570224 |
| account | 32861 |
| cpos-terminal | 11457 |
| mpesa | 10235 |
| ussd | 935 |
| mobilemoneygh | 882 |
| mcash-offline | 636 |
| paypal | 188 |
| account-internet-banking | 82 |
| account-ach-us | 73 |

Payment card type (pcardtype)

| Card type | Count |
| --- | --- |
| MASTERCARD | 437457 |
| VISA | 97713 |
| VERVE | 18010 |
| MAESTRO | 13672 |
| Wema | 1510 |
| Interswitch | 1227 |
| ACCESS | 373 |
| AMERICAN | 108 |
| DANKORT | 69 |
| VISASTANBIC | 55 |
| DISCOVER | 16 |

 

Examples of data breaches in recent years are given below:

 

  1. Yahoo

Date: 2013-14
Impact: 3 billion user accounts
Details: In September 2016, the once-dominant Internet giant, while in negotiations to sell itself to Verizon, announced it had been the victim of the biggest data breach in history, likely by “a state-sponsored actor,” in 2014. The attack compromised the real names, email addresses, dates of birth and telephone numbers of 500 million users. The company said the “vast majority” of the passwords involved had been hashed using the robust bcrypt algorithm.

A couple of months later, in December, it buried that earlier record with the disclosure that a breach in 2013 by a different group of hackers had compromised 1 billion accounts. Besides names, dates of birth, email addresses and passwords that were not as well protected as those involved in 2014, security questions and answers were also compromised. In October of 2017, Yahoo revised that estimate, saying that, in fact, all 3 billion user accounts had been compromised.

The breaches knocked an estimated $350 million off Yahoo’s sale price. Verizon eventually paid $4.48 billion for Yahoo’s core Internet business. The agreement called for the two companies to share regulatory and legal liabilities from the breaches. The sale did not include a reported investment in Alibaba Group Holding of $41.3 billion and an ownership interest in Yahoo Japan of $9.3 billion.

Yahoo, founded in 1994, had once been valued at $100 billion. After the sale, the company changed its name to Altaba, Inc.


2. Adult Friend Finder

Date: October 2016
Impact: More than 412.2 million accounts
Details: The FriendFinder Network, which included casual hookup and adult content websites like Adult Friend Finder, Penthouse.com, Cams.com, iCams.com and Stripshow.com, was breached sometime in mid-October 2016. Hackers collected 20 years of data on six databases that included names, email addresses and passwords.

Most of the passwords were protected only by the weak SHA-1 hashing algorithm, which meant that 99 percent of them had been cracked by the time LeakedSource.com published its analysis of the entire data set on November 14.

CSO Online’s Steve Ragan reported at the time that, “a researcher who goes by 1x0123 on Twitter and by Revolver in other circles posted screenshots taken on Adult Friend Finder (that) show a Local File Inclusion vulnerability (LFI) being triggered.” He said the vulnerability, discovered in a module on the production servers used by Adult Friend Finder, “was being exploited.”

AFF Vice President Diana Ballou issued a statement saying, “We did identify and fix a vulnerability that was related to the ability to access source code through an injection vulnerability.”


3. eBay

Date: May 2014
Impact: 145 million users compromised
Details: The online auction giant reported a cyberattack in May 2014 that it said exposed names, addresses, dates of birth and encrypted passwords of all of its 145 million users. The company said hackers got into the company network using the credentials of three corporate employees, and had complete inside access for 229 days, during which time they were able to make their way to the user database.

It asked its customers to change their passwords, but said financial information, such as credit card numbers, was stored separately and was not compromised. The company was criticized at the time for a lack of communication informing its users and poor implementation of the password-renewal process.

CEO John Donahoe said the breach resulted in a decline in user activity, but had little impact on the bottom line – its Q2 revenue was up 13 percent and earnings up 6 percent, in line with analyst expectations.


4. Equifax

Date: July 29, 2017
Impact: Personal information (including Social Security Numbers, birth dates, addresses, and in some cases drivers’ license numbers) of 143 million consumers; 209,000 consumers also had their credit card data exposed.
Details: Equifax, one of the largest credit bureaus in the U.S., said on Sept. 7, 2017, that an application vulnerability on one of their websites led to a data breach that exposed about 147.9 million consumers. The breach was discovered on July 29, but the company says that it likely started in mid-May. (Credit: CSO)

A prominent example of such data breaches is Facebook during the 2016 presidential election in the United States. Other examples bordering on dating sites have also occurred, and these expose customers to blackmail and the like if such data gets into the wrong hands.

As much as protecting customers’ data is extremely important, it is also very expensive for many companies to do. The infrastructure and expertise require massive spending on artificial intelligence and machine learning.
