News

DHS Secret Terror Watchlist With Nearly 2 MILLION People On It Exposed Online With NO PASSWORD

(Chris Menahan | Information Liberation) – The Department of Homeland Security under Alejandro Mayorkas earlier this year revealed plans to declare their political opposition “suspected domestic extremists” and strip them of their rights by placing them on the No Fly List.

Every indicator suggests Mayorkas has followed through on those plans and has been rapidly expanding the regime’s No Fly List and terror watchlist by adding dissidents such as America First talk show host Nick Fuentes to them.

According to a newly released report from security researcher Volodymyr Diachenko, DHS last month had their highly-secretive terror/no fly watchlist with nearly 2 million so-called “suspected terrorists” on it exposed on the open internet “without a password or any other authentication required to access it.”

Despite DHS being immediately alerted to the astonishing act of incompetence by Diachenko, they took three weeks to take the exposed database down. That means the entire list could potentially be in the hands of our foreign adversaries’ while American dissidents are being blocked from knowing whether they are on these lists and being forced to go through legal hell to fight to get off the lists in order to get their rights back.


From Volodymyr Diachenko, “America’s secret terrorist watchlist exposed on the web without a password: report”:

On July 19, 2021 I discovered a terrorist watchlist containing 1.9 million records online without a password or any other authentication required to access it.

The watchlist came from the Terrorist Screening Center, a multi-agency group administered by the FBI. The TSC maintains the country’s no-fly list, which is a subset of the larger watchlist. A typical record in the list contains a full name, citizenship, gender, date of birth, passport number, no-fly indicator, and more.

I immediately reported it to Department of Homeland Security officials, who acknowledged the incident and thanked me for my work. The DHS did not provide any further official comment, though.

Timeline of the exposure

On July 19, 2021, The exposed server was indexed by search engines Censys and ZoomEye. I discovered the exposed data on the same day and reported it to the DHS.

The exposed server was taken down about three weeks later, on August 9, 2021. It’s not clear why it took so long, and I don’t know for sure whether any unauthorized parties accessed it.

What data was exposed?

The exposed Elasticsearch cluster contained 1.9 million records. I do not know how much of the full TSC Watchlist it stored, but it seems plausible that the entire list was exposed.

Each record in the watchlist contained some or all of the following info:

– Full name
– TSC watchlist ID
– Citizenship
– Gender
– Date of birth
– Passport number
– Country of issuance
– No-fly indicator

The data also included a couple of categorical fields that I was unable to identify, including “tag,” “nomination type,” and “selectee indicator”.

Read Full Article >

More in:News

Leave a Comment