Conde Naste Traveler
Daily Dot: EXCLUSIVE: U.S. airline accidentally exposes ‘No Fly List’ on unsecured server
One of the most sensitive U.S. government documents was left online.
An unsecured server discovered by a security researcher last week contained the identities of hundreds of thousands of individuals from the U.S. government’s Terrorist Screening Database and “No Fly List.”
Located by the Swiss hacker known as maia arson crimew, the server, run by the U.S. national airline CommuteAir, was left exposed on the public internet. It revealed a vast amount of company data, including private information on almost 1,000 CommuteAir employees.
Analysis of the server resulted in the discovery of a text file named “NoFly.csv,” a reference to the subset of individuals in the Terrorist Screening Database who have been barred from air travel due to having suspected or known ties to terrorist organizations.
The list, according to crimew, appeared to have more than 1.5 million entries in total. The data included names as well as birth dates. It also included multiple aliases, placing the number of unique individuals at far less than 1.5 million.
Read more ....
Update #1: TSA investigating how some no-fly list data was exposed on internet (CNN)
Update #2: U.S. ‘No Fly List’ Leaks After Being Left in an Unsecured Airline Server (VICE)
WNU Editor: Someone screwed up.
No comments:
Post a Comment