14 DAY TRIAL // The Thomson Reuters World-Check database of people suspected of terrorist activities, which first leaked online due to a faulty CouchDB server at the end of June, is now available for sale on the Dark Web.
The database has been added to TheRealDeal Dark Web marketplace for illegal goods by someone using the nickname bestbuy, who's asking for 10 Bitcoin (~$6,600) for its contents. This user declined to provide any proof of the data's authenticity.
Later on, another user with the DataDirect username uploaded the same database as well, with proof of its legitimacy and a lower price (3.5 Bitcoin / ~$2,300).
World-Check - a controversial database
World-Check is a database compiled by Thompson Reuters (the news agency) and holds information on people suspected of ties to terrorist activities based on leads and clues gathered from public sources, data leaks, breaches, and so on.
Thompson Reuters is currently selling this database to over 300 government and intelligence agencies around the world, and they use it as a base for their criminal investigations.
News about this leak first surfaced when security researcher Chris Vickery announced on Reddit that he came in possession of the data and didn't know if to leak it to the public or not.
He eventually decided that it was best to keep the data private, but he shared it with select news reporters and security vendors. According to an analysis of the data by Risk Based Security, the database contained 2,248,125 entries, of which 76,890 concerned individuals directly accused of links to terrorism activities and organizations.
Leaked data eventually reached a person with nefarious intentions
Most of the people who looked at the data said it contained false positives, meaning people wrongfully included in the database.
The data contained personal details about individuals and companies, along with reports and biographies. Personal data included details such as Social Security numbers, dates of birth, full names, alternative names, passport IDs, company identifiers, citizenship status, and deceased status.
Thompson Reuters said the data leaked from one of its clients that had purchased access to the database. They later said they managed to identify and plug the source of the problem.
Apparently, not fast enough because someone seemed to have identified the same server and downloaded the data as well.
UPDATE [July 15, 2016]: Article was updated to include details about second Dark Web ad.
so it appears world-check is now on TRD, data looks fairly legit, asking price is 3.5BTC... no way this data is worth that much — CWN (@Cyber_War_News) July 15, 2016
