In a major threat to the integrity of the United States’ security, the FBI’s secret watchlist, containing the names of some 1.9 million suspected terrorists, has been leaked. The leak was first brought to light back in July by cybersecurity researcher Bob Diachenko, who later filed a report with the Department of Homeland Security. However, the authority has seemed to have made a response on the report only around three weeks after when it was filed.
Diachenko has expressed concern over the delay, while adding that he is not sure whether or not the data was accessed by any unauthorized parties. The news was first reported by Bleeping Computer, followed by Diachenko explaining that the watchlist was already openly available to search engines like Zoomeye and Censys (both of which are known to be hacker-friendly), and that too, without needing any passwords.
The No-Fly List
The data set apparently comes from the Terrorist Screening Center (TSC), which is a federal collective led by the FBI itself, and is responsible for maintaining the records of the people on the US government’s no-fly list, which, in turn, is part of the FBI’s terrorist watchlist. Diachenko says that the IP addresses that are linked to the leaked TSC database are situated at Bharain, which is in accordance with the fact that there are some “international partners” to the Center as well. The people on the list are believed to be potential terrorists, and consequently, are prohibited from boarding any plans within, into, or out of, the US.
The leaked list contains close to 2 million names, though the researcher says that he is not sure if it is the complete list, or just a subset of the same. No-fly statuses, full names, genders, citizenships, and passport numbers have been compromised, among other data.
Innocent Lives At Risk?
While the list is said to contain the names of potential terrorists, there is no doubt that at least a few of the names in there actually belong to innocent people, since the no-fly list often brands many such individuals as threats, on the basis of faulty data. What’s worse is that it is very hard to get one’s name removed from the list, even if they haven’t been charged with any crime.
Diachenko fears that if the “wrong hands” gain access to the FBi’s secret watchlist, they could make use of the same to “oppress, harass, or persecute people.”