Thomson Reuters World-Check terrorist data leaked
The details of around 2.2m terrorists and those involved in organised crime have been revealed online
A database that holds data on more than 2.2 million people linked to terrorism and organised crime worldwide has been leaked on the internet following an accidental database error.
The World-Check database is managed by Thompson Reuters and used by groups including banks, law firms and intelligence agencies. It comprises information about people linked to organised crime and terrorism, helping Thompson Reuters' clients vet identities, preventing them from getting credit or committing further crimes such as fraud.
Security researcher Chris Vickery, who works for MacKeeper, revealed he was able to obtain the database information, which was released into the public domain not through a hack, but when a database software error occurred.
However, it was not Thomson Reuters that caused this error, but likely SmartKYC, a London-based financial services firm.
"Thomson Reuters did confirm to me early this morning that they have been working with SmartKYC to secure the data and it is believed to now be offline," Vickery told TechCrunch via email.
The information in the database dates back to 2014 and is regularly updated by 350 research analysts who use thousands of sources to find people who pose threats to security.
"Thomson Reuters was yesterday alerted to out of date information from the World-Check database that had been exposed by a third party," Thomson Reuters said in a statement.
"We are grateful to Chris Vickery for bringing this to our attention, and immediately took steps to contact the third party responsibleas a result we can confirm that the third party has taken down the information. We have also spoken to the third party to ensure there will be no repetition of this unacceptable incident."
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now