Dow Jones’ watchlist of 2.4 million high-risk individuals has leakedZack Whittaker@zackwhittaker / 7 hours ago
Comment
watchlist
A watchlist of risky individuals and corporate entities owned by Dow Jones has been exposed, after a company with access to the database left it on a server without a password.
Bob Diachenko, an independent security researcher, found the Amazon Web Services-hosted Elasticsearch database exposing more than 2.4 million records of individuals or business entities.
The data, since secured, is the financial giant’s Watchlist database, which companies use as part of their risk and compliance efforts. Other financial companies, like Thomson Reuters, have their own databases of high-risk clients, politically exposed persons and terrorists — but have also been exposed over the years through separate security lapses.
A 2010-dated brochure billed the Dow Jones Watchlist as allowing customers to “easily and accurately identify high-risk clients with detailed, up-to-date profiles” on any individual or company in the database. At the time, the database had 650,000 entries, the brochure said.
That includes current and former politicians, individuals or companies under sanctions or convicted of high-profile financial crimes such as fraud, or anyone with links to terrorism. Many of those on the list include “special interest persons,” according to the records in the exposed database seen by TechCrunch.
Diachenko, who wrote up his findings, said the database was “indexed, tagged and searchable.”
From a 2010-dated brochure of Dow Jones’ Watchlist, which at the time had 650,000 names of individuals and entities. The exposed database had 2.4 million records. (Screenshot: TechCrunch)
The data is all collected from public sources, such as news articles and government filings. Many of the individual records were sourced from Dow Jones’ Factiva news archive, which ingests data from many news sources — including the Dow Jones-owned The Wall Street Journal. But the very inclusion of a person or company’s name, or the reason why a name exists in the database, is proprietary and closely guarded.
Many financial institutions and government agencies use the database to approve or deny financing, or even in the shuttering of bank accounts, the BBC previously reported. Others have reported that it can take little or weak evidence to land someone on the watchlists.
The records we saw vary wildly, but can include names, addresses, cities and their location, whether they are deceased or not and, in some cases, photographs. Diachenko also found dates of birth and genders. Each profile had extensive notes collected from Factiva and other sources.
One name found at random was Badruddin Haqqani, a commander in the Haqqani guerilla insurgent network in Afghanistan affiliated with the Taliban. In 2012, the U.S. Treasury imposed sanctions on Haqqani and others for their involvement in financing terrorism. He was killed in a U.S. drone strike in Pakistan months later.
The database record on Haqqani, who was categorized under “sanctions list” and terror,” included (and condensed for clarity):
https://techcrunch.com/2019/02/27/dow-j ... list-leak/