A security researcher, Bob Dichenko, discovered a secret terrorist watchlist with 1.9 million records, including classified “no-fly” records exposed on the Internet. The list was left accessible on an Elasticsearch cluster that had no password required to access it. Diachenko believes the list originated from the FBI’s Terrorist Screening Center (TSC), which is used by multiple federal agencies and maintains a watchlist commonly referred to as the “no-fly” list. The researcher identified the list on July 19th and immediately informed the proper authorities. The exposed server was taken down three weeks later.
When evaluating a Managed Detection & Response (MDR) service there are 5 critical components that