Cybersecurity researcher Bob Diachenko has found an unsecured Elasticsearch server containing nearly two million terrorist watchlist records, including "no-fly" list indicators, which were left exposed for a period of three weeks between July 19th and August 09th.
Earlier this week, Diachenko posted a message and said, "On July 19, I discovered a terrorist watchlist containing 1.9 million records online without a password or any other authentication required to access it." The unprotected server had a Bahrain IP address, but it remains unclear whether the server was owned by the US or any other country.
Diachenko immediately reported his discovery to the US Department of Homeland Security, but the records weren't taken down until August 09. The leaked records contained passport details, full names, dates of birth, citizenship, gender, TSC watchlist, country of issuance, and no-fly indicator.
"The watchlist came from the Terrorist Screening Center, a multi-agency group administered by the FBI, which maintains the country's no-fly list, a subset of the larger watchlist. A typical record in the list contains full name, citizenship, gender, date of birth, passport number, no-fly indicator, and more," he said.
No-fly list
The exposed data belongs to people who are suspected of being terrorists but have not necessarily been charged with any crime.
"If it falls in wrong hands, this list could be used to oppress, harass or persecute people mentioned on the list and their families. It could cause any number of personal and professional problems for innocent people whose names are included in the list," Diachenko said.
Prior to 2015, the terrorist watchlist was completely confidential. Then the US government modified its policy and began privately informing US citizens who were added to the list, but foreigners still often can't find out whether they're on the no-fly list until they try to board a plane.
Several media reports suggest that US officials are recruiting informants in exchange for keeping their names off the no-fly list. Some past or present informants' identities could have been exposed. The Terrorist Screening Center (TSC) was set up by the US Federal Bureau of Investigation (FBI) in 2003.
The discovery of the exposed records comes just a month after the DHS, the Department of Justice, and other federal agencies launched a new website with the sole aim of combating the threat of ransomware.