A Swiss hacker reportedly discovered access to an unsecured server containing thousands of individuals’ identities from the United States Terrorist Screening Database and No Fly List. CommutAir, the regional carrier flying under United Airlines’ United Express brand, left the server exposed on the internet.
According to the Daily Dot, the server revealed a vast amount of company data, including private information on almost 1,000 CommuteAir employees. The hacker also said there were more than a million entries on the No Fly List.
An investigation has been launched
CommutAir Corporate Communications Manager Erik Kane confirmed the incident to the Daily Dot and said the airline is investigating.
The regional airline reportedly said the exposed server was for testing purposes and did not expose any customer information based on an initial investigation. The server has since been taken offline.