Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security Databases

Secret Terrorist Watchlist With 2 Million Records Exposed Online (bleepingcomputer.com) 87

A secret terrorist watchlist with 1.9 million records, including classified "no-fly" records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. BleepingComputer reports: July this year, Security Discovery researcher Bob Diachenko came across a plethora of JSON records in an exposed Elasticsearch cluster that piqued his interest. The 1.9 million-strong recordset contained sensitive information on people, including their names, country citizenship, gender, date of birth, passport details, and no-fly status. The exposed server was indexed by search engines Censys and ZoomEye, indicating Diachenko may not have been the only person to come across the list.

The researcher discovered the exposed database on July 19th, interestingly, on a server with a Bahrain IP address, not a US one. However, the same day, he rushed to report the data leak to the U.S. Department of Homeland Security (DHS). "I discovered the exposed data on the same day and reported it to the DHS." "The exposed server was taken down about three weeks later, on August 9, 2021." "It's not clear why it took so long, and I don't know for sure whether any unauthorized parties accessed it," writes Diachenko in his report. The researcher considers this data leak to be serious, considering watchlists can list people who are suspected of an illicit activity but not necessarily charged with any crime. "In the wrong hands, this list could be used to oppress, harass, or persecute people on the list and their families." "It could cause any number of personal and professional problems for innocent people whose names are included in the list," says the researcher.

This discussion has been archived. No new comments can be posted.

Secret Terrorist Watchlist With 2 Million Records Exposed Online

Comments Filter:
  • came across a plethora of JSON records in an exposed Elasticsearch cluster

    ...clusterfuck.

    Imagine a ... no, don't.

    • by Falos ( 2905315 )

      A question occurred to me. https://www.beowulf.org/piperm... [beowulf.org]

      Best I can tell, simply because the poem involved organizing 14 warriors to a task.

      • by Falos ( 2905315 )

        Wait, maybe not even that.

        But Sterling now admits this tale was invented in hindsight. In fact, he chose the name when a Goddard program administrator called and asked for a name on the spot. "I was helplessly looking around for any inspiration," he says. His mother had majored in Old English, and so he happened to have a copy of the early Anglo epic sitting in his office.

        "I said, 'Oh hell, just call it Beowulf. Nobody will ever hear of it anyway.'"

        https://spinoff.nasa.gov/Spino... [nasa.gov]

  • select * from parler left join gop.fundraiser, left join donaldtrump.com;
    • select * from parler left join gop.fundraiser, left join donaldtrump.com;

      It sounds like you want us to hate you. Was that your intent?

      Also, lots of your side are complaining *right now* that we won't do what you want - climate change, Covid, UBS, immigration, or whatever.

      Does making us hate you get you closer or further from those goals?

      • It sounds like you want us to hate you. Was that your intent?

        Also, lots of your side are complaining *right now* that we won't do what you want - climate change, Covid, UBS, immigration, or whatever.

        Does making us hate you get you closer or further from those goals?

        Only a malignant narcissist would destroy the planet to get back at someone they disagree with ideologically.

    • by c-A-d ( 77980 )

      It's amazing the amount of conflation that the rabid left will go to.

    • by Tablizer ( 95088 )

      Hmmm, are commas allowed in Join clauses?

  • by Aristos Mazer ( 181252 ) on Monday August 16, 2021 @04:55PM (#61698593)

    If so, take a moment to add the IT security folks name to the list before reporting the leak. It'll never happen again.

  • New name for our government: SNAFU
    • According to Marcinko, there are three levels of FU'd-ness.

      SNAFU is the first, and lowest level. It is the Normal situation: "Situation Normal, All F'ed Up."

      TARFU is the intermediate level: "Things Are REALLY F'ed Up."

      The highest level is FUBAR: "F'ed Up Beyond All Recognition". (Some authorities, Marcinko included, expand the acronym as "F'ed Up Beyond All Repair".) This event clearly rises to that highest level.

      • by Tablizer ( 95088 )

        Rumsfeldian translation: There are known fuckups and unknown fuckups that only become known if they are so fucked up that nobody can hide them anymore, but at that stage the results remove all observers such that it becomes the second category again.

  • by drkshadow ( 6277460 ) on Monday August 16, 2021 @05:02PM (#61698605)

    When you regard 1 in 3000 people as your violent enemy, perhaps you're doing something wrong.

    • Very true. Unfortunately, those who think this way are often completely incapable of self-reflection, for fear of what they have become.

    • The converse is also true then. If you regard 2,999 or 3,000 people as not violent enemies, perhaps you are doing something right!

  • "It could cause any number of personal and professional problems for innocent people whose names are included in the list," says the researcher.

    It still makes me wonder what kind of people do make that list. How many government critical but not violent people are going to be among them? 1.9 million is not a small number even if you consider the scales here.

  • by flyingfsck ( 986395 ) on Monday August 16, 2021 @05:15PM (#61698645)
    The population of Washington DC is that big?
  • Or could this be the result of a query of a honeypot. With fake data inserted linking to the logon ID, IP address and other identifying information of whoever grabbed the original copy?

  • "It could cause any number of personal and professional problems for innocent people whose names are included in the list," says the researcher.

    Sure. That's one take. Another take is that it could enable innocent people whose names are included on the list to KNOW it and clear up whatever misunderstanding has them wrongly listed.

    I totally get keeping things quiet while you've got an active investigation of some sort. You suspect someone of wrongdoing, so you're gathering evidence and proof. You don'
  • The no-fly list is just valid for commercial flights.

  • by e3m4n ( 947977 ) on Monday August 16, 2021 @06:10PM (#61698809)
    It should read *Formerly* Secret Terrorist Watchlist.
  • the 'keys' to the database.

  • ... personal and professional problems for innocent people ...

    Like not being able to travel to another city or country: But it's okay when government does it.

  • ...what kinds of people are on that list. You know, to try to work out what the the list is actually for rather than what they claim it's for. I'm guessing we'd find a fair number of journalists, lawyers & aid workers who defend human rights issues & investigate war crimes.
  • ‘Homeland Security’ is a joke and run by a bunch of political appointee clowns.
  • The great thing about watchlists is that anyone can create their own. Why do we think this Bahranian watchlist was real, let alone used by the U.S. (or any) government?
  • The main value of such a list is so you know whom NOT to send to try to bring down a plane, or do other nasty deeds.

The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.

Working...