The data, which allegedly contained hundreds of thousands of names and birth dates, was found by the hacker after regional airline CommuteAir left it on an open server.
A 23-year-old Swiss hacker discovered an unsecured server that contained the identities of hundreds of thousands of individuals who were on an old version of the US Government’s No Fly List and Terrorist Screening Database, Daily Dot reports.
The unsecured Amazon Web Services cloud server in question was hosted by Ohio-based regional airline CommuteAir, according to the hacker, and in addition to the No Fly List, it contained private information on almost 1,000 of the airline’s employees. This information reportedly included their passport numbers, addresses, and phone numbers.
Several well-known names were included on the exposed No-Fly list, such as Viktor Bout, a Russian arms dealer who was released from a US prison last month as part of an exchange with US basketball player Brittney Griner.
CommuteAir told the Daily Dot that the server contained data from an old 2019 version of the US no-fly list and that it was taken offline last week after it had been flagged.
