Posted on 08/16/2021 4:28:32 PM PDT by algore
A secret terrorist watchlist with 1.9 million records, including classified "no-fly" records was exposed on the internet.
The list was left accessible on an Elasticsearch cluster that had no password on it. Millions of people on no-fly and terror watchlists exposed
July this year, Security Discovery researcher Bob Diachenko came across a plethora of JSON records in an exposed Elasticsearch cluster that piqued his interest.
The 1.9 million-strong recordset contained sensitive information on people, including their names, country citizenship, gender, date of birth, passport details, and no-fly status.
The exposed server was indexed by search engines Censys and ZoomEye, indicating Diachenko may not have been the only person to come across the list: exposed watchlist records
The researcher discovered the exposed database on July 19th, interestingly, on a server with a Bahrain IP address, not a US one.
However, the same day, he rushed to report the data leak to the U.S. Department of Homeland Security (DHS).
"I discovered the exposed data on the same day and reported it to the DHS."
"The exposed server was taken down about three weeks later, on August 9, 2021."
I would love to travel and fly all over the place—in a private jet.
Otherwise, fuggedaboutit!
A private plane would be the only way.
Those are a tad too much for my wallet.
Yep.
Good. Then they know exactly where we stand.
We hate you.
If the Canadian border was open
flights could leave from there
In case anyone is interested, here is the list (purported- I am not vouching for the validity or accuracy)-
https://www.no-fly-list.com/index.php
It gives you a place to enter a person’s name, with a list off to the side, and a total down at the bottom (about 3770). You can change that number to get up or down, took me about 6 or 8 guesses to find my right area, and I am not on it.
Who was responsible for operation of that server? USG? Contractor?
That depends. Is joma89 your first or last name?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.