fashrola:
With our porous system in the country, a lot of fraudsters in the financial institution are cashing out

Its not just Nigeria. British airways was hacked a few days ago and customers info stolen. This arik incident might b connected to d British airways incident

Dude397:
A good Samaritan should please help me with airtel airtime of any amount biko. I'm stranded here.
09074843276

Do you have shame at all

This is why you need a prepaid card. Got my visa prepaid card from UBA and use it for my online payments, I only load the amounts I need to use. The good thing is that it is not linked to your bank account so in cases like this your account remains safe.

see money

Cloudflare guy just wan sell market

Nwaforj44:
A Nigerian airline has been accused of spurning efforts to notify it of a data leak that involves customers’ personal and payment information.
The leak, which contained sensitive customer details such as device fingerprints, names, email addresses, last four digits of credit cards, and IP addresses, was discovered on September 6 by Justin Paine, the head of trust and safety at Cloudflare.
Cloudflare is one of the largest internet security and cloud network platforms in the world.


“After concluding the CSV files were very likely owned by Arik Air (or their payment processor) I immediately attempted to make contact with Arik Air to notify them of this data leak,” Paine said in a blog post he published on Tuesday.
“To say this process was challenging would be an understatement. I can confirm roughly 1 month after notice was provided that action has finally been taken to secure the S3 bucket.”
Although Paine acknowledged that it was not totally clear who the owner of “this data is as Arik Air didn’t reply” with any further details, he doubled down on his belief that it is “a bucket controlled by Arik Air or one of their immediate partners/processors.”
Paine said the leaked storage contained 994 CSV files, with the customers’ information collected between December 31, 2017, and March 16, 2018.
It contained 54,011 unique names, 41, 304 unique device fingerprint, 65,412 unique emails and 570, 210 unique card transactions; 437, 457 of those were made using Mastercard and 97, 713 using Visa.
Majority of the customers affected appeared to be Nigerians or based in Nigeria as most of the account used in transactions covered in the leak were domiciled in Nigeria.
He said the breach was only acknowledged in an email sent to him on September 24, 18 days after he first made contact with Arik Air via its Facebook page.
He also noted the breach was fixed sometime after he received the email.
When contacted on Wednesday, Ola Adebanji, head of corporate communications at Arik Air said he was not aware of the leak and that he will have a response after speaking with the company’s technical team.
He promised to respond to an email and text message sent to him “shortly”.
One of the companies that provide Arik Air’s online payment gateway Interswitch did not respond when contacted by The Guardian.
Set up in 2006, Arik Air was a privately-owned business before it was taken over by the Nigerian government in 2017 after failing to repay its $429 million debts.
A spokesman for the Asset Management Corporation of Nigeria (AMCON), which now manages the company, said AMCON took “over the management of Arik because the whole place is in a me
ss.”

https://www.akelicious.net/2018/10/arik-air-in-customers-data-leak-mess.html

omoniomoade:
WHO THIS ONE HELP?

It will not help u because na BRT and okada u dey enter

Nigerian establishments, notably government and private companies do very little to secure their IT infrastructure from external breach.
They never herd to professional advice about doing more to evaluate their level of exposure. They rather carry on and pretend all is well.

Our saving grace for now is that a lot of the payment gateway companies partner with foreign data security companies like cloudfare etc.

Even at that no one gives a damn. Welcome to Nigeria where nobody is held accountable

fashrola:


Don't worry till them clear your bank account, your eye go open

no mind that mumu geh. E be like say she never fly before

This could be SSL failure.

The need for more cyber analyst and evaluators have become imperative.

There's data leaks everywhere, though this is particularly careless:

1 - sensitive data was saved unecrypted in CSV files. That's just so egregious.
2 - unencrypted data was then sent to the cloud for storage
3 - it too them so long to respond to the notification (it wasn't even Arik that detected the error)

Apart from the sensitive data, there's also useful information about flight frequency/destination, unique customers, and also the popularity of MasterCard in Nigeria (437,457 transactions, 77% of the total).

fahren:
Lai Mohammed of APC and Buhari will blame it on PDP and Jonathan very soon.

Like if you are Atikulating joor

I'm certain you don't know anything about politics what you just said now was because of nairaland likes

E pain am

umarsule885:
I'm certain you don't know anything about politics what you just said now was because of nairaland likes

Arik matter don tire me ,imagine them even serve me expired drinks on board .
so sad.

This is a very careless error by Ariks payment processor. By default AWS s3 buckets are secured, the rookie third party must have made the bucket public.
Arik being the data controller could be fined or sanctioned by PCI Council for exposing the cardholder details.