Thomson Reuters has secured the source of the leak Credit: Thinkstock A database described by some as a “terrorism blacklist” has fallen into the hands of a white-hat hacker who may decide to make it accessible to the public online.The database, called World-Check, belongs to Thomson Reuters and is used by banks, governments and intelligence agencies to screen people for criminal ties and links to terrorism.Security researcher Chris Vickery claims to have obtained a 2014 copy of the database. He announced the details on Tuesday in a post on Reddit.“No hacking was involved in my acquisition of this data,” he wrote. “I would call it more of a leak than anything, although not directly from Thomson Reuters.” Vickery declined to share how he obtained the data, but he’s already contacted Thomson Reuters about securing the source of the leak.In an email, Thomson Reuters said on Wednesday that it was “grateful” to Vickery for the alert. The “third-party” that leaked the database has taken it down, the company added. Vickery has previously exposed database leaks related to Mexican voters, a Hello Kitty online fan community and medical records.His copy of the World-Check database contains the names of over 2.2 million people and organizations declared “heightened risks.” Only a small part of the data features a terrorism category. Additional categories include individuals with ties to money laundering, organized crime, corruption and others.He is asking Reddit users whether he should leak the database to the public. His concern is that innocent people with no criminal ties may have been placed on the list.The information isn’t really secret either. Users can buy access to the database from Thomson Reuters.Leaking the database, however, could create risks and tip off “actual bad guys” that they’ve been placed on the list, Vickery said.Thomson Reuters declined to say how it might respond if Vickery decides to publicize the information. The World-Check database is sourced from the company’s analysts, “industry sources” and government records. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe