This is embarrassing.
A cybersecurity hacktivist appears to have leaked the Transportation Security Administration’s no-fly list, a highly sensitive document, after finding it on an unsecured server. daily dot report.
Not surprisingly, the TSA is now investigating how the data was leaked.
Republican Rep. Dan Bishop, who serves on the House Homeland Security Committee, called it a major blunder in cybersecurity protocols that has already infuriated lawmakers “who come for answers.” put it.
“Swiss hackers discovered the entire US no-fly list with more than 1.5 million entries on an unsecured server,” said Bishop. murmured“Adding to the fact that the list is a civil liberties nightmare, how was this information so easily accessible?”
The incident never happened at the worst possible time. The last few months have been chaotic for TSA. For example, earlier this month, computer problems forced the Federal Aviation Administration (FAA) to cancel thousands of flights.
A text file named “NoFly.csv” was found on a server operated by the US airline CommuteAir. daily dot report.
This document contains a list of names and aliases of persons who are prohibited from boarding aircraft in the United States. This is a subset of individuals enrolled in the terrorist screening database.
Its existence has been challenged by many privacy groups and civil liberties advocates over the years.
The extensive list reportedly included a recently freed Russian arms dealer, a suspected member of the Irish militia IRA, and an 8-year-old child.
Many of the entries “appeared to be of Arabic or Middle Eastern descent,” according to the report.
The hacker said, “It’s just unbelievable to me how big the terror screening database is. Yet, across the million entries, Arabic and Russian-sounding names will be almost exclusively.” There are still very clear trends,” he said. daily dot.
cyber security incident
The documents also contained sensitive personal data of more than 900 CommuteAir employees, including passport numbers and addresses.
This is an embarrassing incident that shows how vulnerable these databases are to leaking to the general public.
And it goes without saying that the TSA is a fundamentally broken, unjust, bloated organization that hardly justifies its existence in the first place.
read more: EXCLUSIVE: US Airlines Accidentally Publishes “No Fly List” on Unsecured Servers [Daily Dot]
TSA details: FBI says Apple’s new encryption is ‘very concerning’