A U.S. Congressman has promised a full investigation after a Daily Dot-exclusive report revealed a copy of the ‘No Fly List’ published on an open server
In January 2023, a Swiss researcher and hacker, known as maia arson crimew alerted Daily Dot staff writer Mikael Thalen about a 2019 version of the No Fly List, which was available on an unprotected internet server, run by U.S. national airline CommuteAir. The famous List is a database of individuals suspected or accused of terrorism who have been barred from flying into or out of the U.S.
Following the Daily Dot’s exclusive, the story made national headlines. Within days, the news was widely covered across outlets including Business Insider, CNN, Vice, The Washington Examiner, Wired, and Rolling Stone. “This is one of the biggest national security stories since the Snowden leaks,” said David Covucci, the Daily Dot’s Senior Politics and Technology Editor.
Days later, Rep. Dan Bishop (R-N.C.) indicated on Twitter that this news would lead to a congressional investigation on how this sensitive information was left online.
Thalen additionally reported on how this leak led The Council on American-Islamic Relations, the largest Muslim civil rights organization in the U.S., to release a statement calling for the FBI to stop distributing The No Fly List. The press release emphasized that the list had overwhelmingly consisted of “Arabic and Muslim names.”
Speaking with Andrew Wyrich, editor of the Daily Dot’s newsletter web_crawlr, Thalen discussed the extensive process of ensuring these sensitive documents were handled with care. “When dealing with something as sensitive as the No Fly List, it is imperative to do your due diligence,” Thalen said.
“The No Fly list contained over 1.5 million rows of data, which included names, aliases, and birthdates for people from across the globe. Both the security researcher and myself were shocked that such a document would be left on an unsecured development server.”
As the only major publication focused on internet culture, the Daily Dot’s coverage of information security frequently leads world coverage. Recent highlights include coverage on Russia’s efforts against hacktivism, exposed data on an anti-vax dating site, and the Epik data breach.