A hacker stumbled upon an unsecured data file of people on the US no-fly list.
The no-fly list contains people deemed a flight risk, including known and suspected terrorists.
It contained over 1.5 million people.
The Swiss hacker, known as ‘maia arson crimew,’ came across it via an unsecured server at carrier CommuteAir.
“TSA is aware of a potential cybersecurity incident, and we are investigating in coordination with our federal partners,” the TSA said.
The server has now been taken offline.
“The server contained data from a 2019 version of the federal no-fly list,” CommuteAir Corporate Communications Manager Erik Kane told the Daily Dot.
The airline is conducting a full investigation.
“Based on our initial investigation, no other customer data was exposed.”
Commenting on the list the hacker said; “Just scrolling through it, you will see almost every name is Middle Eastern.”
















