Dark web vendors claim to sell stolen terrorism database


A controversial background check database is being offered for sale on the dark web.

Last month, security researcher Chris Vickery announced a copy of the World-Check database was exposed to the open internet because a World Check client had misconfigured security settings on a cloud database platform. If an attacker knew where to look, there was no security in place stopping a bad actor from stealing it. 

{mosads}World-Check claims more than 300 government agencies are clientes, nine of the world’s top 10 law firms and 49 of the world’s top 50 banks. It is a product of Thomson Reuters. 

There are reports that at least two sellers are offering the database on online criminal marketplaces. A seller going by the name “bestbuy” is allegedly charging 10 bitcoin — nearly $7,000 — and another called Data Direct is charging a 3.5 bitcoin — a little more than $2,000.

Vickery found the database by scouring the internet for the configuration problem that made it publicly visible. Though, theoretically, anyone could have found the database the same way he did, Vickery questions whether the sellers are actually selling an authentic file. 

“The person that put up the Real Deal posting is citing different record totals than I recall seeing and has offered no proof that they actually have a copy of the database. The only statements I’ve seen from the seller, ‘bestbuy,’ appear to reflect general information that anyone could have gathered from news reports,” said Vickery via email. 

He was also adamant he was not trying to profit criminally from his earlier discovery of the World-Check file — a file he had helped Thomson Reuters remove from the open internet in the first place. 

“I want to unequivocally state that I am not the person trying to sell this alleged copy of the World-Check database. And, to the best of my knowledge, it is not anyone that I have ever had contact with,” he said. 

The World-Check database has profiles of millions of people, tens of thousands of whom are linked to terrorism. That caused some controversy earlier this year when it turned out that list contained what appeared to be false positives, including a former adviser to the World Bank and a prominent British political figure. The database creates its profiles on publicly available information, including international terrorist watchlists.

See all Hill.TV See all Video

Most Popular

Load more


See all Video