A screenshot of the FBI’s terrorist watchlist, which was published online starting July 19, 2021, was revealed by a security researcher today.
The database was named for the FBI Terrorist Screening Center in 2003, after the terrorist attacks of 11.11. The FBI manages the database, which contains the names and personal data of people “known or reasonably suspected” to have been involved in terrorist activity.
While the FBI is responsible for managing the database, several US government agencies have access to it, including the Department of State and Department of Defense.
While the database contains information about suspected terrorists, it is also known in popular culture as the US No Fly List, a list that US authorities and international airline pilots use to allow entry into the US.
Three weeks later, the exposed server was taken down
Bob Diachenko, Cyber Threat Intelligence director at Security Discovery, stated today that he discovered a copy of the TSC database on a Bahraini Internet address.
“The exposed Elasticsearch cluster contained 1.9 million records,” Diachenko stated. “I don’t know how much of the complete TSC Watchlist it held, but it seems plausible it was exposed.”
Information that was exposed included data points such as:
TSC watchlist ID
Date of Birth
Country of issuance
This appears to be the TSC database (Terrorist Screening Centre) that has been publicly exposed (tsc_id is the only clue), and includes 1.9M+ entries. Is there any way to report the situation responsibly? pic.twitter.com/e31pSrHnoM
Bob Diachenko (@MayhemDayOne) July 19, 2021
Diachenko stated he notified the Department of Homeland Security on July 19, the date the database was indexed by the search engines Censys and ZoomEye, and the date on which he said he found the data.
The server was eventually taken down on August 9, 2020, three weeks after it was exposed. It is unclear why it took so many weeks, and I do not know if any unauthorized persons accessed it.
Bob Diachenko, Cyber Threat Intelligence Manager at Security Discovery
Contacted earlier by The Record, the FBI did not reply.
It isn’t clear whether the exposed Elasticsearch server was managed by a US agency or whether the data was illegally obtained.
Although the existence of the TSC database was kept secret over a decade ago, DHS began notifying US citizens when they were added to the TSC No Fly List.
It is uncertain whether DHS and the FBI will be required to notify US citizens who were added to the TSC No Fly List that their data has been exposed online.