Missouri Gov. Mike Parson (R) on Thursday suggested that he was ready to prosecute St. Louis Post-Dispatch staff after newspaper published a story Exposing data exposure on state education department website.
running news: Post-Dispatch notified the state on Tuesday following the discovery of the vulnerability, which left the Social Security number of 100,000 workers vulnerable to public disclosure. Parson’s comment on Thursday hit a . echoed the rhetoric of Statement Describing the reporter as a “hacker” by the department.
Be smart: The newspaper said the private information was not clearly visible or searchable, but was instead in the HTML source code of the pages in question. The HTML source code is publicly available to anyone with a web browser.
At a news conference on Thursday, Parson said The “individuals” who alerted the state had obtained private information through a “multi-step process” and were trying to “embarrass the state and sell headlines for their news outlets”.
- “The state is committed to bringing to justice anyone who hacked our system and whoever helped and abetted it to do so,” Parson said.
- “Not only are we going to hold this person accountable, but we’re also going to hold everyone accountable who assisted this person and the media corporation that employs them.”
post-dispatch disputed Parson’s specialty, citing the University of Missouri-St. Louis cyber security professor Shaji Khan, who noted that the content was encoded but not encrypted, so it could be viewed without the decryption key.
- “We stand by our reporting and our reporter who did everything right. It is regrettable that the governor chose to place the blame on the journalists who exposed the website’s problem and brought it to the attention of DESE,” Post-Dispatch publisher Ian Caso said on Thursday.
Noteworthy: The newspaper informed the department of its findings before publishing the story, giving the department time to remove webpages that contained exposure.