‘Airlink International UAE’ Data Leak Is Now Freely Shared on the Dark Web

  • A U.A.E. travel and logistics company has spilled the data of its customers back in May.
  • That data is now circulating the dark web, and someone is giving it away for free on at least two forums.
  • Most worryingly, there are passport scans in the leaked data, which could lead to impersonation.

A data leak that actually occurred a while back but was not covered by the media is now freely shared on at least two dark web forums. The compromised entity is ‘Airlink International U.A.E.,’ which is a travel and logistics firm that employs over two hundred people and has yearly revenues in the range of $250 million. The security incident happened due to a server misconfiguration that leaked the data, so there were no hacker breaches.

Unfortunately for both the company and the exposed individuals, the data that is being now shared for free with multiple actors concern highly sensitive details in 14 folders containing 53,555 files. It includes passport scans, flight bookings, hotel bookings, email communications of the firm and its customers, and insurance policy PDFs for international travel.

Obviously, clients’ personally identifiable information is available in these files, including names, email addresses, phone numbers, and various travel details like expenses and duration of stays.

Source: Cyble
Source: Cyble

The passport scans alone are enough to cause a big headache to their holders, as someone could now forge fake ones, impersonate the owners online or on the physical world, phish them, scam them, and more. One way to deal with this would be to get a new passport, which of course, costs time and money to do. If you have done business with Airlink International U.A.E., we suggest that you get a new passport with a new number on it and declare the old one stolen.

Related: Almost All Airlines Are Vulnerable to Email Fraud Attacks

Moreover, you should remain vigilant with incoming communications and keep in mind that crooks now have both your phone number and your email address. Phishing attempts are the most likely, and since many actors have this data on their hands, you may see these attempts coming from multiple places. The original leak occurred back on May 30, 2020, so the period of potential scamming starts from then and will go on indefinitely.

As for Airlink International UAE, it remains unclear if the company sent notifications to the affected individuals, but considering the absence of laws that would force them to report data leaks to the relevant authorities in the United Arab Emirates, they almost definitely haven’t informed anyone.

REVIEW OVERVIEW

Latest

NBCUniversal’s Streaming Platform ‘Peacock’ Is Landing on Amazon’s Fire TV Today

Users of Fire TV devices will finally be able to enjoy ‘Peacock’ content on their Amazon hardware.This has been requested warmly by...

Dell Fixes Multiple BIOS Vulnerabilities Affecting Millions of Its Computers

Tens of millions of Dell computers are vulnerable to arbitrary remote code execution flaws.The problem lies in BIOS components that come as...

Former Executives of French Spyware Firms ‘Nexa’ and ‘Amesys’ Indicted for Aiding Torture

Four former executives of two French spyware firms have been indicted in Paris for aiding torture in Africa.These people were determined to...