Database Security Snafu Exposes America’s Secret Terrorist Watchlist

  • A classified terrorist watchlist has been exposed online due to a database misconfiguration.
  • The period of exposure reached almost three weeks, essentially guaranteeing the exfiltration of the data.
  • The watchlist was set up by the FBI and is accessible only to a small number of agencies and authorized officials.

Approximately 1.9 million records that constitute the Terrorist Screening Center’s secret watchlist were left online, accessible to anyone with a web browser and a valid URL, due to a configuration error. The exposure was discovered by the “unprotected database hunter” Bob Diachenko, who found the watchlist on July 19, 2021, and immediately reported the incident to the US Department of Homeland Security.

Unfortunately, it took officials another three weeks to secure the exposed server, which happened on August 9, 2021, allowing plenty of time for unauthorized access.

Each of the 1.9 million records contained the following information:

  • Full name
  • TSC watchlist ID
  • Citizenship
  • Gender
  • Date of birth
  • Passport number
  • Country of issuance
  • No-fly indicator

The problem with this exposure is that a large number of people suspected of terrorism or participation in shady circles may now learn that the authorities have spotted them, and take measures to better hide their activities and protect their dangerous secrets in the future. This list was supposed to be classified and available only to the FBI, the Department of State, the Department of Defense, the TSA, the CBP, and some international partners. Even in these agencies, only authorized officials should be able to access the watchlist to conduct screening, etc.

So, is there any chance the data wasn’t noticed by malicious actors or others who are willing to propagate this info to key people? Diachenko states that he has not seen any signs of access, but it’s highly unlikely that the exposure went unnoticed for so long. When it was discovered in July, it had already been indexed by Censys and ZoomEye, and this remained the case for three more weeks. That’s far more than the few hours actors typically need to find an exposed database and exfiltrate its contents.

Finally, it is also worth noting that the very existence of this watchlist is highly controversial, as being placed on it is an arbitrary matter with severe repercussions for the individuals concerned, not the outcome of a fair and transparent process of evidence evaluation. As such, its exposure could even result in the scrapping of the project.


