An unsecured server on United States airline CommuteAir contained a subset of the “No Fly List” and was leaked by a Swiss hacker known as “Maia Arson Crimew” last week. It contained the identities of approximately 1.5 million individuals from the US Terrorist Screening Database and “No Fly List”.
The news was first revealed by the Daily Dot.
On the list were several notable figures, including the recently freed Russian arms dealer Viktor Bout. Many entries on the list appeared to be of Arabic or Middle Eastern descent.
The spreadsheet “NoFly.csv” contained the names, aliases, and birth dates of over 1.5 million individuals.
The server also contained company data and private information on almost 1,000 CommuteAir employees. Critical personally identifiable information such as passport numbers, addresses, and phone numbers were included.
Over 40 Amazon S3 buckets and servers run by CommuteAir were also exposed.
Surprising to the hacker known as “Crimew” was the apparent ethnic bias of individuals contained on the list. “it’s just crazy to me how big that Terrorism Screening Database is and yet there is still very clear trends towards almost exclusively Arabic and Russian sounding names throughout the million entries.”
CommuteAir confirms the No Fly List leak is legitimate
CommuteAir has confirmed that the leaked No Fly List file is legitimate, but also only a “subset” of the total No Fly List.
In a statement to the Daily Dot, the Transportation Security Administration stated that it was “aware of a potential cybersecurity incident with CommuteAir, and we are investigating in coordination with our federal partners.”
“The server contained data from a 2019 version of the federal no-fly list that included first and last names and dates of birth,” CommuteAir Corporate Communications Manager Erik Kane said. “In addition, certain CommuteAir employee and flight information was accessible. We have submitted notification to the Cybersecurity and Infrastructure Security Agency and we are continuing with a full investigation.”
Although it is considered highly secretive and rarely leaked in the open, the No Fly List is not considered classified information. It is believed to be maintained by the Federal Bureau of Investigations and TSA as part of its Terrorism Screening Database, which is shared across government departments.
The effort stems from the fallout of September 11, 2001, where critical terrorism data was not shared between government agencies.
Discover more from Cybersecurity Careers Blog
Subscribe to get the latest posts sent to your email.