Republican lawmakers say Congress will investigate TSA no fly list violation

Republican lawmakers say Congress will investigate TSA no-fly list violation

Latest News / By /

CNN —

A Republican congressman who serves on the House Homeland Security Committee said Congress “will come for answers” after a hacker revealed that the Transportation Security Administration’s no-fly list of known or suspected terrorists was accessible on an unsecured computer server .

“The entire US no-fly list – with over 1.5 million entries – was found by a Swiss hacker on an unsecured server,” Bishop said in a tweet. “Aside from the fact that the list is a civil liberties nightmare, how was this information so readily available?”

The North Carolina lawmaker, who sits on the House Homeland Security Committee, said Congress would investigate the data disclosure unveiled Friday.

“We will come for answers,” Bishop claimed, making the break potentially the latest in a long list of probes House Republicans have pledged to do now that they are in control of the lower house.

CNN has reached out to the committee for comment.

In an earlier statement to CNN on Friday, the TSA said it was “aware of a potential cybersecurity incident and we are investigating it in coordination with our federal partners.”

The data resided on the public internet on an unsecured computer server hosted by CommuteAir, a regional airline based in Ohio, according to the hacker who claimed the discovery, CNN previously reported.

The hacker, who also describes herself as a cybersecurity researcher, previously told CNN she informed CommuteAir about the data disclosure.

The regional airline said in a statement that the data accessed by the hacker was “an outdated version of the 2019 federal no-fly list,” which included names and dates of birth.

The no-fly list is a list of known or suspected terrorists who are prohibited from flying to or from the United States. The screening program grew out of the September 11, 2001 terrorist attacks and involves airlines comparing their passenger records with federal records to keep dangerous individuals off planes.

CNN previously reported that CommuteAir, which operates exclusively 50-seat regional flights for United Airlines from its Washington Dulles, Houston and Denver hubs, said it took the affected computer server offline after a “member of the safety research community” contacted the airline.

The Daily Dot, a tech news outlet, first reported on the alleged data breach.