TSA’s No Fly List is LEAKED: 1.5 million entries found on an unsecured server

A copy of the Transportation Security Administration’s (TSA) No Fly List, which contains 1.5 million entries, was leaked online after a Swedish hacker discovered it on an unprotected server.

As first reported on by The Daily Dot, the list includes names of potential IRA members, many of Middle Eastern descent and the recently freed Russian arms dealer Viktor Bout – among others.

The hacker, who goes by crimew, shared on their blog that the list ‘is indeed a copy of the No Fly List from 2019,’ which also includes employee names, addresses, passport numbers and pilot’s license numbers.

A TSA spokesperson told DailyMail.com that the organization is ‘aware of a potential cybersecurity incident’ and is collecting questions about the leak to answer at some point shortly.

The No Fly list includes names of known or suspected terrorists who are banned from flying to or in the US. 

The screening program grew out of the September 11, 2001, terrorist attacks and involved airlines comparing their passenger records with federal data to keep dangerous people off planes. 

However, the list has since shrunk over the years. 

The server is run by CommuteAir, which is why there were nearly 1,000 employees shown in the trove of data.

Erik Kane, corporate communications manager for CommuteAir said there was a ‘misconfiguration, which caused the server to be exposed.

‘The researcher accessed files, including an outdated 2019 version of the federal no-fly list that included first and last name and date of birth,’ Kane said in a statement.

‘Additionally, through information found on the server, the researcher discovered access to a database containing personal identifiable information of CommuteAir employees.’

crimew shared a blog about their discovery, which they made while scrolling through shodan that lets people see through servers connected to the internet.

And the hacker notes it was their boredom that they uncovered the TSA’s No Fly List.

‘Hardcoded credentials there would allow me access to navblue apis for refueling, canceling and updating flights, swapping out crew members and so on,’ the post reads.

News of the leak surfaced Friday, which sparked US officials to weigh in on the breach.

Republican Congressman Dan Bishop shared a tweet: ‘Besides the fact that the list is a civil liberties nightmare, how was this info so easily accessible? We’ll be coming for answers.’

The list includes names of potential IRA members, many of Middle Eastern descent and the recently freed Russian arms dealer Viktor Bout (pictured) – among others

The hacker, who goes by crimew (pictured), shared on their blog that the list ‘is indeed a copy of the No Fly List from 2019

The breach follows a computer glitch in the Federal Aviation Authority (FAA) system that led to more than 10,000 delays and over 1,000 cancelations on January 12.

Major airports including JFK, LAX, Miami and Atlanta all had issues two days after the computer meltdown, with experts fearing it may continue into the weekend. 

The FAA confirmed on January 20 that a computer glitch caused by a contractor mistakenly deleting files brought America’s airspace to a standstill last week for the first time since 911 – but has not named the culprit.

A preliminary report showed that ‘contract personnel unintentionally deleted files while working to correct synchronization between the live primary database and a backup database,’ the FAA said.

The investigation is ongoing, but the agency said it has not yet found any evidence linking the incident to malicious intent or a cyber attack.