Link (via Schneier)
A new link on the TSA's Our Travelers page directs people who "were told you are on a Federal Government Watch List" to click on a link taking them to this site, which, by all accounts, fits the profile of an attempt to harvest personal information and identity document details.
(UPDATE: The site has been changed and now redirects to https://trip.dhs.gov/index.html. However, the janky spelling, incorrect information and the possibly illegal collection of information without an OMB control number can still be found on the website as of 12:30 pm PST. TSA has still not responded to my call for comment.
1:05 PST -- TSA employee Christopher White called to say "We are aware there was an issue and replaced the site. The issue has been fully addressed. We take IT responsibilities seriously. There never a vulnerability; just a small glitch." That's not quite accurate, as the non-SSL encrypted form submission was a vulnerability, but I take it to mean the site wasn't hacked by phishers. White did not have an answer as to why there is no OMB number for the information collection, saying he was concerned at the moment with the site's security.)