A 23-year-old Swiss hacker discovered an unsecured server containing the identities of hundreds of thousands of people on an old version of the US government’s “No Fly List” and terrorist screening database, the Daily Dot writes.(Opens in a new window).
The unsecured Amazon Web Services cloud server, according to the hacker, was hosted by Ohio regional airline CommuteAir and, in addition to the No Fly List, contained private information about nearly 1,000 airline employees. This information reportedly included their passport numbers, addresses and phone numbers.
The No-Fly list that was revealed included some well-known names, such as Victor Butt, the Russian arms dealer who was released from a US prison last month in an exchange for American basketball player Brittney Greener.
CommuteAir told the Daily Dot that the server contained data from an older 2019 version of the US no-fly list and that it had been flagged last week. The spokesperson added that no customer information was disclosed.
A CommuteAir spokesperson told the Daily Dot that the airline has notified the Cybersecurity and Infrastructure Security Agency and is continuing a “full investigation” of the server.
In a statement to CNN, the Transportation Security Administration (TSA) said it was “aware of a potential cybersecurity incident” and that it was investigating “in coordination with our federal partners.”
The hacker also told the Daily Dot that they found the exposed No Fly List while looking for automated servers that help build, test and deploy software. They used Shodan, a specialized search engine used by the cybersecurity community to find servers on the Internet.
Individuals on the Terrorist Screening Database may be subject to additional security checks and searches while traveling, while the smaller “No Fly” list is a set of known or suspected terrorists who are prohibited from flying to or from the United States.
Recommended by our editors
According to a memo from current and former CommuteAir employees obtained by CNN, the airline was notified of the data breach in November after an “unauthorized party” accessed personal information held by the airline, including names, birthdays and Social Security numbers. the four digits. numbers.
Speaking to The Daily Dot, the hacker known as maia arson crimew pointed out the fact that the list includes names of Arabic and Russian origin. there are still very clear trends towards almost exclusively Arabic and Russian-sounding names in the millions of entries.”
The Swiss national was previously part of a hacker group that hacked the American security camera company Verkada.(Opens in a new window), which saw more than 150,000 cameras made available in prison hospitals. The point of the breach, the hackers said, was to highlight the extent of surveillance in society.
Like what you read?
Register for something Security Watch: newsletter for our top privacy and security stories delivered straight to your inbox.