A database that classifies people, major charities, activists, and mainstream religious institutions as potential terrorists or money launderers was found available to anybody who knew where to look online, with no credentials needed to access it.
The mid-2014 copy of Thomson Reuters’ World-Check confidential intelligence database was likely posted by one of the company’s customers.
MacKeeper security researcher Chris Vickery, who on Tuesday posted about his find on Reddit, said it hadn’t come directly from Thomson Reuters:
No hacking was involved in my acquisition of this data. I would call it more of a leak than anything, although not directly from Thomson Reuters. The exact details behind that can be shared at a later time.
On Wednesday, David Crundwell, a spokesperson for Thomson Reuters, sent out this statement:
“Thomson Reuters was yesterday alerted to the fact that out of date information from the World-Check database had been exposed by a third party. We are grateful to Chris Vickery for bringing this to our attention, and have acted with the utmost urgency to contact the third party concerned—with whom we are now in contact in order to secure the information.”...
Read the rest of this post on Naked Security.
The post Database of 2.2m suspected terrorists, money launderers leaked online appeared first on Lisa Vaas.