Hacktivist Discovered U.S. No Fly List on Unsecured Airline Server


A copy of the No Fly List from 2019 has leaked, uncovered by a Swiss cybersecurity researcher and hacktivist who claims to have discovered it on an unsecured internet server belonging to an airline.

The Daily Dot first reported news that a hacktivist who uses the moniker maia arson crimew found the list one evening while browsing a Shodan, a search engine for Internet-connected devices. According to crimew, a publicly accessible server run by CommuteAir contained a text file titled “NoFly.csv” with more than 1.5 million names.

The Transportation Security Administration said in a statement that it is “is aware of a potential cybersecurity incident, and we are investigating in coordination with our federal partners.”

The No Fly List contains names/aliases and birthdates of individuals who are known or suspected to be terrorists. The list prohibits those on it from flying on commercial airlines traveling within, to or from the U.S. The list included known Russian arms dealer Viktor Bout along with 16 possible aliases for him, crimew said. While the list contained names from a range of backgrounds, including suspected members of the IRA, an Irish paramilitary organization, many names appeared to be of Arabic or Middle Eastern descent, according to crimew.

“It’s just crazy to me how big that Terrorism Screening Database is and yet there is still very clear trends towards almost exclusively Arabic and Russian sounding names throughout the million entries,” crimew said to The Daily Dot. Some people on the list, crimew said, would have been only four or five years old at the time they were on the list.

“What problem is this even trying to solve in the first place?” crimew told Business Insider. “I feel like this is just a very perverse outgrowth of the surveillance state. And not just in the U.S., this is a global trend.”

The list has grown by hundreds of thousands since the attacks on Sept. 11, 2001, and civil liberties groups, including the Council on American-Islamic Relations (CAIR) and American Civil Liberties Union (ACLU) have filed lawsuits claiming discrimination.

In a statement to CNN, CommuteAir said that the data on the server contained “an outdated 2019 version of the federal no-fly list” with names and birth dates. The airline said it has taken the server offline after being contacted by a “member of the security research community.”


The leak could lead to an investigation from Congress. “The entire US no-fly list — with 1.5 million+ entries — was found on an unsecured server by a Swiss hacker,” Rep. Dan Bishop (R-N.C.), who sits on the House Homeland Security Committee, wrote in a tweet. “Besides the fact that the list is a civil liberties nightmare, how was this info so easily accessible?”

Congress “will be coming for answers,” Bishop added.

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Hollywood News Click Here 

Read original article here

Denial of responsibility! Rapidtelecast.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
Leave a comment