A 23-year-old Swiss hacker discovered an unsecured server that contained the identities of hundreds of thousands of individuals who were on an old version of the US Government’s No Fly List and Terrorist Screening Database, Daily Dot reports(Opens in a new window).
The unsecured Amazon Web Services cloud server in question was hosted by Ohio-based regional airline CommuteAir, according to the hacker, and in addition to the No Fly List, it contained private information on almost 1,000 of the airline’s employees. This information reportedly included their passport numbers, addresses, and phone numbers.
Several well-known names were included on the exposed No-Fly list, such as Viktor Bout, a Russian arms dealer who was released from a US prison last month as part of an exchange with US basketball player Brittney Griner.
CommuteAir told the Daily Dot that the server contained data from an old 2019 version of the US no-fly list and that it was taken offline last week after it had been flagged. A spokesperson added that no customer information had been exposed.
A CommuteAir communications representative told the Daily Dot that the airline had notified the Cybersecurity and Infrastructure Security Agency and was continuing with a “full investigation” into the server.
In a statement to CNN, The Transportation Security Administration (TSA) said it was “aware of a potential cybersecurity incident” and that it was investigating it “in coordination with our federal partners.”
The hacker also told Daily Dot that they had found the exposed No Fly List while searching for automated servers that aid in the building, testing, and deployment of software. They were using Shodan, a specialized search engine used by the cybersecurity community to locate servers exposed to the internet.
Individuals on the Terrorist Screening Database can be subject to additional security checks and searches when traveling, while the smaller No-fly list is a set of known or suspected terrorists who are barred from flying to or in the US.
Recommended by Our Editors
According to a memo to current and former CommuteAir employees obtained by CNN, the airline was made aware of a data breach in November after an “unauthorized party” accessed personal information held by the airline including names, birthdays and the last four digits of Social Security numbers.
Speaking to The Daily Dot, the hacker, known as maia arson crimew, pointed out the fact that the list extensively featured names that were of Arabic and Russian descent: “It’s just crazy to me how big that Terrorism Screening Database is and yet there is still very clear trends towards almost exclusively Arabic and Russian sounding names throughout the million entries.”
The Swiss national was previously part of a group of hackers that breached US security camera maker Verkada(Opens in a new window), which saw over 150,000 cameras in hospitals in prisons being accessed. The point of the breach, the hackers said, was to highlight the extent of surveillance in society.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Hits: 0
