FBI: List of Possible Terrorists Ends Online Without Password
The Terrorist Screening Center (TSC) the FBI allegedly exhibited online for three weeks one list of possible American terroristsshowing i data of over 2 million people. The watchlist collected information such as name, date of birth, passport number. And it wouldn’t be password protected.
A list of FBI terrorists displayed online, with no passwords
According to reports from the computer security researcher Bob Diachenkothe government watchlist it was not password protected. Not only that, but in a short time search engines like Censys And ZoomEye they indexed the page with the names of 2 million Americans. That he was under surveillance for national security reasons.
Diachenko explains: “I immediately reported the information to the agents of the Department of Homeland Security, who they recognized the mistake and they thanked me for my work ”. However, Homeland Security and the FBI have not released any statements regarding the incident, which therefore at the moment remains only confirmed by Diachenko, given that since 9 August the page with the names is offline.
Among the information on the watchlist are the Americans on the “no fly list“, Who cannot take the plane because they are suspected of terrorism. The term “suspects” is of vital importance in this news: American agencies reserve the right to monitor citizens even in the absence of certain evidence for national security. Or at least without the evidence that would be needed in a normal police investigation. In those two million people there is a not remote possibility that there were people who were completely strangers to internal terrorist groups. And in any case, the information on the list was secret and highly sensitive.
Federal agencies with little attention to cybersecurity
A recent US Senate investigation reported as federal agencies we have major gaps in their computer systems. In many cases, there is a lack of multi-factor authentication to access secret data for national security reasons. Furthermore, collaboration with private individuals (such as with facial recognition) often occurs without the necessary control procedures. If Diachenko’s news is confirmed, it would be further proof that government agents need to improve in cybersecurity.