Data from Airlink International UAE leaked on multiple dark web forums

October 8, 2020  By Pierluigi Paganini


Cybersecurity researchers from Cyble have spotted a threat actor sharing leaked data of Airlink International UAE for free on two different platforms.

Cybersecurity researchers from Cyble have found a threat actor sharing leaked data of Airlink International UAE for free on two platforms on the dark web.

The availability of the data on the dark web could pose organizations to serious risk, threat actors could use this data to carry out multiple malicious attacks.

Cyble discovered the data leak as part of its daily monitoring.

Airlink International U.A.E. is a leading company for any travel and logistics requirements. It has more than than 200 employees with around $250 million in revenue.

The data leak is the result of a misconfigured server containing 60 directories with approximately 5,000 files each.

The data leak was first reported on May 30, 2020, the data have been posted online by the collective KelvinSecTeam.

“The files present accommodation reservations, airline tickets and other logistics services that the company provides on a global scale. In a quick inspection by sampling, it was possible to observe customers of different nationalities and services provided in Africa, Asia and Europe.” reported the media.

According to Cyble, now, another threat actor is spreading the same data on multiple dark web forums in an attempt to gain fame.

Leaked data includes 14 folders and 53,555 files divided into the following categories:

  • Passport scans
  • Flight bookings
  • Hotel bookings
  • Email communications between Airlink International Group employees and customers
  • Insurance policy for international travel

Cyble provides recommends the following recommendation to the organizations:

  • Configure server to prevent unauthorized access, directory listing
  • Review old backup and unreferenced files for sensitive information
  • Test file permissions
  • Enumeration of infrastructure and application administrator interfaces
  • Consider running scans and doing audits periodically to help detect future misconfigurations or missing patches
[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Airlink International UAE)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

 QNAP has addressed two critical security vulnerabilities in the Helpdesk app that could enable potential attackers to take...