Press "Enter" to skip to content

Researcher says a US terrorist watchlist was exposed online for three weeks

The FBI’s Terrorist Screening Center (TSC) could have exposed the information of almost 2 million people and left them accessible online for three weeks. Security researcher Bob Diachenko on July nineteenth that included data just like the title, date of beginning and passport variety of these listed within the database. The cluster additionally included “no-fly” indicators.

According to Diachenko, the watchlist wasn’t password protected. Moreover, it was rapidly listed by search engines like google and yahoo like Censys and ZoomEye earlier than the Department of Homeland Security took the server offline on August ninth. It’s unclear who could have accessed the information.

“I immediately reported it to Department of Homeland Security officials, who acknowledged the incident and thanked me for my work,” Diachenko mentioned in a LinkedIn submit . “The DHS did not provide any further official comment, though.” We’ve reached out to the Department of Homeland Security.

Among the watchlists the TSC maintains is America’s no-fly record. Federal businesses like Transportation Security Administration (TSA) use the database to determine identified or suspected terrorists making an attempt to enter the nation. Suffice to say, the data included within the exposed watchlist was extremely delicate.

A latest bipartisan Senate report not too long ago at a number of federal businesses, together with the Department of Homeland Security. It mentioned most of the our bodies it audited had did not implement even primary cybersecurity practices like multi-factor authentication and warned nationwide safety data was open to theft as a consequence.

All merchandise really useful by Engadget are chosen by our editorial workforce, impartial of our mum or dad company. Some of our tales embrace affiliate hyperlinks. If you purchase one thing by way of one among these hyperlinks, we could earn an affiliate fee.