Hackers claim to be selling leaked US ‘No Fly’ list

Updated on: 27 January 2023

Paulina Okunytė
Journalist

A recently leaked US ‘No Fly’ list with a million entries was allegedly posted on hacker forums.

On January 26, a threat actor listed a dataset for sale that allegedly is the recently leaked ‘No Fly’ list. The exposed files contained more than 1.5 million entries with full names and birth dates of individuals denied boarding an aircraft and around 250,000 entries of selectees who must undergo additional security screening before flying.

Screenshot of the file allegedly to be a 'No Fly' list

The ‘No Fly’ list is a small subset of the US government's Terrorist Screening Database, which includes the personal information of identified or suspected terrorists. It is managed by the FBI's Terrorist Screening Center.

Screenshot of the post in a hacker forum

Found data on an unprotected server

A Swiss hacker using the pseudonym "maia arson crimew" was the first to find a redacted 2019 version of the anti-terrorism ‘no fly’ list on the Michigan-based airline CommuteAir server on January 12.

The hacker found a database while searching for unsecured servers online. One stumbled upon "NoFly.csv" and "selectee.csv" files that contained more than 1.5 million entries, including names and dates of birth of people identified by the FBI as "known or suspected terrorists" who are prevented from boarding aircraft. Additionally, the server stored confidential CommuteAir employee information, such as passport numbers.

CommuteAir confirmed the authenticity of the data and stated that it was a "federal no-fly list." Erik Kane, corporate communications manager for CommuteAir, said to Daily Dot there was a 'misconfiguration, which caused the server to be exposed.

According to their initial investigation, the company claimed that the server was taken offline in advance and did not expose any customer information.

Hackers claim to be selling leaked US ‘No Fly’ list

Found data on an unprotected server

More from Cybernews: