Global 'Terror Database' Leaked

Uploaded on 2016-07-13 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

The "terrorist database" World-Check used by global banks and intelligence agencies has been leaked online and Thomson Reuters is 'working furiously' to secure 2.2 million sensitive records

The mid-2014 version of the database contains some 2.2 million records and is used by 49 of the world's 50 largest banks, along with 300 government and intelligence agencies. Access to its contents is granted via a strict vetting process and the signing of NDAs.

The Thomson Reuters database is accused of falsely designating citizens and organisations as terrorists. Banks have used this data in whole or in part to shutter accounts, effectively locking people out of vast swathes of the global banking system.

Top security researcher Chris Vickery found a copy of the database sitting on an unsecured Couchbase-powered system online, and told The Register it is still exposed to the internet even after he disclosed its location to Thomson Reuters.

"As far as I know, the original location of the leak is still exposed to the public internet," Vickery says. "Thomson Reuters is working feverishly to get it secured."

Thomson Reuters says it will provide citizens and organisations information about their designation on individual request. Alerts are not issued to known contacts of those affected when terrorist designations are assigned, however.

Publicly revealing the database beyond the aforementioned leak could be reckless: World-Check contains sensitive information on citizens regarding their alleged criminal histories and possible terrorist links.

Thomson Reuters urges banks and other customers use multiple sources alongside World-Check and requests that the secretive database not be cited in any public decision-making materials.

The organisation rejects accusations that World-Check is controversial or simply flat out wrong. However, inaccurate terror designations were revealed by the BBC's Radio 4 which gained 30 minutes of access to the database in August 2015 from a disgruntled customer.

That program revealed various British citizens who had their HSBC bank accounts closed in 2014 without the possibility of appeal, because what they claimed were incorrect records in World-Check identifying them as having terrorist links.

One of those was the account for the UK Finsbury Park Mosque which was described in a HSBC letter as having "fallen outside of HSBC's risk appetite". The mosque was in years past visited by Al Qaeda operatives, Beslan Siege members, and had convicted terrorist Abu Hamza al-Masrim as its imam in 1997.

Since that time the Mosque has been run by a group supported by the Metropolitan Police. Sources say HSBC closed on the mosque because it donated money to Palestine during the 2015 Israel-Gaza war.

At the same time HSBC shuttered the account of the Cordoba Foundation, a UK think tank which was designated by the United Arab Emirates as a terrorist organisation for its alleged links to the Muslim Brotherhood – a political opponent in the region.

HSBC shuttered the accounts of Foundation chief executive Anas Altikriti, including his three-decade old personal account, and that of his wife and two teenage children.

The BBC reported finding information in World-Check based on Wikipedia entries, biased blogs, and state-backed news agencies. Vice also gained access to the World-Check database in February. It found terrorist profiles including the Council on American-Islamic Relations executive director Nihad Awad, joined former US President George W. Bush in a post 9/11 press conference, and the organisation itself.

Former World Bank and Bank of England advisor Mohamed Iqbal Asaria awarded a Commander of the Order of the British Empire award in 2005 was also listed as a terrorist.

Vickery has reported recent large-scale breaches including information on 93 million Mexican voters in April. The records were exposed thanks to a configuration error in a MongoDB database.

He also earlier revealed the exposure of 13 million records of MacKeeper, Zeobit, and Kromtech, and some 1700 records of children from website uKnowKids.

The Register:

 

« Cities Face Multiple Security Threats
Bank of England: Cyberattacks A 'Clear and Present Danger' »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

securitycurrent

securitycurrent

Security Current's proprietary content and events provide insight, actionable advice and analysis giving executives the latest information to make knowledgeable decisions.

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab conducts research into predictive security analytics.

ESG Elektroniksystem- und Logistik-GmbH

ESG Elektroniksystem- und Logistik-GmbH

ESG offer a comprehensive portfolio of cyber and IT services ranging from consulting, solutions and operations to testing, simulation and training.

Labris Networks

Labris Networks

Labris Networks specializes in DDoS mitigation, NG Firewall, Unified Threat Management, Centralized Management, Regulatory Compliances and SOC/CERT Services.

Nexcom International

Nexcom International

Nexcom operates six global businesses - IoT Automation, Intelligent Digital Security, Internet of Things, Intelligent Platform & Services, Mobile Computing Solutions, Network & Communications.

ECS

ECS

ECS is a leading information technology provider delivering cloud, cybersecurity, software development, IT modernization, and advanced science and engineering services.

Multitel

Multitel

Multitel is an independent research centre. We develop and integrate emerging technologies into the industrial fabric at the regional and international levels.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

PhishX

PhishX

PhishX is a SaaS platform for security awareness that simulates Cyberthreats, train people, while measure and analysis results, reducing Cybersecurity risks for People and Companies.

Asset Guardian Solutions (AGSL)

Asset Guardian Solutions (AGSL)

Asset Guardian are dedicated to protecting the integrity of process control systems software that is used to control operations and production processes.

Accelerator Frankfurt

Accelerator Frankfurt

Accelerator Frankfurt is an independent go-to-market program focused on Fintech, Cybersecurity and Digital B2B startups.

Ridge Global

Ridge Global

Ridge Global works with C-suite executives and corporate directors to build more resilient organizations through innovative preparedness, protection, response and education capabilities.

Trisul Network Analytics

Trisul Network Analytics

Trisul helps organizations deploy full spectrum deep network monitoring which can serve as a single source of truth for performance monitoring, security analytics, threat detection and compliance.

CYMAR

CYMAR

CYMAR The “CYBER” Smart Solution to offer sustainability and bring resilience to Global SMART Terminals and protect the supply chain of the World’s economy.

Vigilant Ops

Vigilant Ops

Vigilant Ops is a leader in Software Bill of Materials (SBOM) Automation. A proactive approach to cybersecurity with continuous vulnerability monitoring.

SecureDNE

SecureDNE

SecureDNE are a leading provider of cutting-edge Fractional CISO, Managed Cybersecurity Services, and Cybersecurity Engineering Solutions.