RT.com
21 Jan 2023, 10:13 GMT+10
The database with over 1.5 million names and aliases was allegedly discovered on an unsecured server
The US Transportation Security Administration is reportedly doing damage control after a Swiss hacker found a copy of the FBI's infamous "no-fly" list on an unsecured server belonging to regional US airline CommuteAir.
In a statement to tech outlet the Daily Dot on Thursday, the TSA acknowledged it was "aware of a potential cybersecurity incident" and investigating with other federal agencies.
The hacker, who goes by the name 'maia arson crimew', found a four-year-old copy of the no-fly list, a subset of the FBI's Terrorist Screening Database comprised of individuals forbidden from air travel over their known or suspected terrorist ties, while digging through an unsecured Jenkins server, according to a Thursday blog post.
Stored in an unencrypted, helpfully-named database file as nofly.csv, the data included 1.5 million entries, names and birth dates. While many were aliases - Viktor Bout, the Russian businessman imprisoned in the US on arms trading charges until the recent prisoner swap with American basketball player Brittney Griner, had more than 16 alternate names and spellings listed, plus several possible birthdays - crimew nevertheless expressed shock at the size of the list.
"It's just crazy to know how big that Terrorism Screening Database is and yet there is still very clear trends toward almost exclusively Arabic and Russian sounding names throughout the million entries," she told the Daily Dot.
Outliers included suspected members of Irish paramilitary group the IRA, as well as one individual who - judging by their birthdate, at least - was only eight years old.
The server also included private information on about 900 CommuteAir employees, including names, passport numbers, addresses, and phone numbers, according to crimew. The airline told the Daily Dot it had taken the server offline and reported the unauthorized access to the Cybersecurity and Infrastructure Security Agency, while stressing that the server had been used for "testing purposes" and no customer data was breached - only that of employees.
A federal judge ruled the Terrorist Screening Database unconstitutional in 2019, arguing that because there was no "ascertainable standard for inclusion and exclusion," it violated the due process rights of those named on the list. There have been no meaningful attempts to enforce that ruling since. The FBI shares the list with over 500 private-sector entities it deems 'law enforcement adjacent,' as well as over 60 foreign governments.
(RT.com)
Get a daily dose of Business Sun news through our daily email, its complimentary and keeps you fully up to date with world and business news as well.
Publish news of your business, community or sports group, personnel appointments, major event and more by submitting a news release to Business Sun.
More InformationWASHINGTON D.C.: Despite the efforts of the Federal Reserve Bank to cool the job market to help curb record-high inflation, ...
NEW YORK, New York - A sharp rise in U.S. Treasury yields kept buyers at bay on Wall Street on ...
WASHINGTON D.C.: A report released this week detailed how, in January, layoffs in the US reached a more than two-year ...
LONDON, England: Energy giant Shell Oil has announced a record profit of nearly $40 billion in 2022, capping an eventful ...
WASHINGTON D.C.: As part of a wider policy drive to increase competition in consumer markets, President Joe Biden has announced ...
OSLO, Norway: Ending a three-year run of profits as stock and bond prices were hit by rising inflation and Russia's ...
WASHINGTON D.C.: As US lawmakers investigate the Chinese-owned video-sharing app TikTok, its Chief Executive, Shou Zi Chew, has confirmed that ...
Dubbed Bard, the service will compete with the Microsoft-backed ChatGPTAn "experimental conversational AI service" named Bard will be made available ...
Mumbai (Maharashtra) [India], February 6 (ANI): Reliance Industries Limited (RIL) on Monday unveiled India's first Hydrogen Internal Combustion Engine technology ...
Lucknow (Uttar Pradesh) [India], February 6 (ANI): India's membership into the Shanghai Cooperation Organisation (SCO) reaffirms its age-old connection with ...
Rome - Cybersecurity agencies in Europe are warning of ransomware attacks exploiting a two-year-old computer bug as Italy experienced widespread ...
Beijing [China], February 5 (ANI): China lifted the 'Zero Covid' policy hoping it would give their citizens relief but it ...