"Hacker Finds Copy of TSA No-Fly List on Exposed Cloud Storage"

In another instance of misconfigured cloud storage, a Swiss hacker discovered a copy of the US Transportation Security Administration's (TSA) "no-fly list" exposed on the Internet. The exposed database was discovered on a server operated by the regional airline CommuteAir. The hacker discovered the unsecured data using Shodan, a search engine used to identify Internet-accessible servers. It was discovered that the server operated by CommuteAir, which mostly runs regional flights for United Airlines, exposed the private information of about 1,000 employees along with a file named "NoFly.csv." The file contains 1.5 million records in total, including names and birth dates. However, the overall number of unique records in the database is likely to be lower when aliases are considered. This article continues to discuss the exposure of TSA's no-fly list due to misconfigured cloud storage. 

SiliconANGLE reports "Hacker Finds Copy of TSA No-Fly List on Exposed Cloud Storage"