Arik Air, AMCON

Customer data belonging to Arik Air may have leaked. An information technology expert who goes by the identity xxdesmus disclosed this in a post as well as a tweet from his handle.

He said the data was found during his normal course of scanning for open/exposed/vulnerable Amazon S3 buckets.

spreadsheet

From the timeline he provided, it took the airline about a month to respond to his emails. He first noticed the leak on the 6th of September 2018 and notified the airline same day. The carrier finally replied on the 17th of September 2018, of which he was asked to resend an email to another email address provided. Upon sending an email to the provided email address, he was told they will review the situation and never heard from Arik Air again.

The data also show travel patterns of individual passenger.

Likely data that may have leaked

The ICT professional also gave hints on the data that leaked. They include:

The answer — 994 CSV files. Some of these CSV files contain in excess of 80,000+ rows of data while other files contain 46,000+ rows of data, and in some cases, files only contain 3 rows of data.

Here’s a sampling of the data points that were leaked:

Deal book 300 x 250
  • Customer email address
  • Customer name
  • Customer’s IP at the time of purchase
  • A hash of the customer’s credit card
  • What appears to be the last 4 digits of the credit card used.
  • What appears to be the first 6 digits of the credit card used.
  • A unique device fingerprint (presumably the user’s mobile or desktop device?)
  • Type of currency used
  • Payment card type
  • Business name related to the purchase (more on this below)
  • Amount of purchase
  • Date of purchase
  • Country of origin of the purchase

Where did the leak come from

While the data clearly belongs to Arik Air, the ICT professional, however, stated that the leak may not be directly from the airline, but from one of its payment processors.

“It’s not entirely clear who the owner of this data is as Arik Air didn’t reply with any further clarification or details. That being said it certainly seems likely to be a bucket controlled by Arik Air, or one of their immediate partners/processors.”

Implications of the leak 

The data could fall into the hands of fraudsters, who might make transactions on the cards.

Coronation Research
Onome Ohwovoriole
https://nairametrics.com
Onome Ohwovoriole has a degree in Economics and Statistics from the University of Benin and prior to joining Nairametrics in December 2016 as Lead Analyst had stints in Publishing, Automobile Services, Entertainment and Leadership Training. He covers companies in the Nigerian corporate space, especially those listed on the Nigerian Stock Exchange (NSE). He also has a keen interest in new frontiers like Cryptocurrencies and Fintech. In his spare time, he loves to read books on finance, fiction as well as keep up with happenings in the world of international diplomacy. You can contact him via onome.ohwovoriole@nairametrics.com

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.