It’s every traveler’s worst nightmare: finding out that their personal information has been compromised by hackers. Unfortunately, that’s exactly what happened to thousands of passengers of CommuteAir, a popular airline that recently fell victim to a cyber attack, the CommuteAir Hack affected more than 10,000+ passengers and employees.
Table of Contents
TSA Nofly list
The incident occurred recently and blogged about January 19th, 2023, when a hacker was able to gain access to CommuteAir’s database containing the names and personal information of individuals on the airline’s “no fly list.” This list, which is maintained by the Transportation Security Administration (TSA), contains the names of individuals who are deemed to be a threat to national security and are prohibited from flying on commercial aircraft, allegedly the list was dated around 2019.
Some of the names found on the list include
According to crimew, the list contained names like the recently freed Russian arms dealer Viktor Bout, along with over 16 potential aliases linked to him. Additionally, members of the Irish Republican Army (IRA), a paramilitary organization. The list included a person who was only 8 years old, based on their birth year. Many of the names on the list were of Arabic or Middle Eastern descent, but there were also names that appeared to be of Hispanic and Angelican-sounding origin. The list also contained common misspellings and variations of names. The size of the Terrorism Screening Database is significant and yet, there is a clear trend towards Arabic and Russian-sounding names, said crimew.
Hina Shamsi, the director of the National Security Project at the American Civil Liberties Union (ACLU), added that over the past 20 years, U.S. citizens targeted for watchlisting have been disproportionately Muslim and of Arab, Middle Eastern, or South Asian descent. She also noted that the list includes people who dissent or hold unpopular views.
The hacker was able to extract the personal information of thousands of individuals on the list, including their names, addresses, and government-issued identification numbers. The information was then posted on a public website, making it available for anyone to see. In a statement, the hacker claimed that he was able to gain access to the database by exploiting a vulnerability in the airline’s website.
CommuteAir was quick to respond to the incident, issuing a statement in which it apologized for the security breach and assured passengers that it was taking steps to prevent similar incidents from happening in the future. The airline also stated that it would be offering free credit monitoring services to affected passengers.
However, many are now questioning the airline’s ability to protect the personal information of its passengers. The incident has sparked a call for greater security measures to be put in place by airlines, in order to prevent similar breaches from occurring.
Information is vulnerable
The CommuteAir hack serves as a reminder to all of us that our personal information is vulnerable in today’s digital age, and it’s important to be vigilant when it comes to protecting it. If you’re a passenger of CommuteAir or any other airline, it’s important to stay informed about their security practices and take steps to protect your personal information.
This incident calls into question the security measures of all airlines, and we hope that this serves as a wake-up call for them to take their customers’ data seriously, and to invest in better security systems to protect them from potential breaches.
Todays Digital Age
Overall, the CommuteAir hack is a serious issue that highlights the need for increased security measures in the airline industry. Passengers deserve to know that their personal information is being protected, and it’s time for airlines to step up and take responsibility for keeping it safe.
It’s a harsh reminder that in today’s digital age, data breaches are a reality and it’s important for everyone to be vigilant about protecting their personal information. The CommuteAir hack serves as a reminder of the importance of constant security assessments and updates to prevent similar incidents from happening again in the future.