An unsecured server discovered by a security researcher last week contained the identities of hundreds of thousands of individuals from the U.S. government’s Terrorist Screening Database and “No Fly List.”
Located by the Swiss hacker known as maia arson crimew, the server, run by the U.S. national airline CommuteAir, was left exposed on the public internet. It revealed a vast amount of company data, including private information on almost 1,000 CommuteAir employees.
Analysis of the server resulted in the discovery of a text file named “NoFly.csv,” a reference to the subset of individuals in the Terrorist Screening Database who have been barred from air travel due to having suspected or known ties to terrorist organizations.
The list, according to crimew, appeared to have more than 1.5 million entries in total. The data included names as well as birth dates. It also included multiple aliases, placing the number of unique individuals at far less than 1.5 million.
On the list were several notable figures, including the recently freed Russian arms dealer Viktor Bout, alongside over 16 potential aliases for him.
The aliases comprised different, common misspellings of his last name and other versions of his first name, as well as different birthdays. Many of the birthdays aligned with the recorded date Bout was born.
Suspected members of the IRA, the Irish paramilitary organization, were also on the list.
Another individual, according to crimew, was listed as 8 years old based on their birth year.
Many entries on the list were names that appeared to be of Arabic or Middle Eastern descent, although Hispanic and Anglican-sounding names were also on the list. Numerous names included aliases that were common misspellings or slightly altered versions of their names.
“It’s just crazy to me how big that Terrorism Screening Database is and yet there is still very clear trends towards almost exclusively Arabic and Russian sounding names throughout the million entries,” crimew said.
“Over last 20 years, the U.S. citizens that we’ve seen targeted for watchlisting are disproportionately Muslim and people of Arab or Middle Eastern and South Asian descent,” said Hina Shamsi, director of the National Security Project at the American Civil Liberties (ACLU). “Sometimes it’s people who dissent or have what are seen as unpopular views. We’ve also seen journalists watchlisted.”
In a statement to the Daily Dot, TSA said that it was “aware of a potential cybersecurity incident with CommuteAir, and we are investigating in coordination with our federal partners.”
www.dailydot.com
