And the hits just keep on coming…
The FBI’s terrorist watch list was available openly on the Internet - no authorisaiton needed.
The information on around 2 million people has been leaked through the database.
Security research Bob Diachenko discovered the list in July on an open Elastic-Search server.
The list, and its No-Fly-List, of potential terrorists, made up of vague evaluations and information or from contacts with other persons on the list, so that they can be identified at checkpoints and handled according to the lists directions - E.g. don’t let them board a plane.
The information on the list includes names, nationality, sex, DoB, passport data and additional information such as no-fly status of the affected persons.
Diachenko reported his findings to Homeland Security, but the list only disappeared 3 weeks later, on the 9th August. He can’t say, whether unauthorized persons have accessed the data, but it could have grave consequences for the people on the list - blackmail, harassment, people being stalked or difficulty at work, if the information is passed on to their employers…
Don’t forget, this is not just a list of known terrorists, it contains people who “could” be terrorists or could have been in contact (knowingly or unknowingly) with a known terrorist. That guy you bumped into at the airport and spilt his coffee? Yeah, he was a suspect and you were caught on camera interacting with him… Was that deliberate or an accident? Not sure, we’ll put you on the list, just to be sure.