A secret terrorist watchlist with 1.9 million records, including classified “no-fly” records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. Millions of people on no-fly and terror watchlists exposed. In July this year, Security Discovery researcher Bob Diachenko came across a plethora of JSON records in an exposed Elasticsearch cluster that piqued his interest. The 1.9 million-strong recordset contained sensitive information on people, including their names, country citizenship, gender, date of birth, passport details, and no-fly status. The exposed server was indexed by search engines Censys and ZoomEye, indicating Diachenko may not have been the only person to come across the list.
Donate today and support the work I do seven days a week. Each day I publish more than a dozen news articles and videos, from honest, independent and reliable sources, on a completely ad-free website. Thank you in advance for your generosity, so that EarthNewspaper.com All The Honest News Fit To Publish may keep growing.