Far-right Missouri governor threatens criminal prosecution of reporter who found 'a serious flaw' in state website

Far-right Missouri governor threatens criminal prosecution of reporter who found 'a serious flaw' in state website
Mike Parson in January 2011, Wikimedia Commons

Earlier this week, a reporter for the St. Louis Post-Dispatch notified Missouri's state government that a website maintained by the Missouri Department of Education had a security flaw — one that made the private information of teachers and education administrators, including their Social Security numbers, vulnerable. And the Post-Dispatch agreed to hold off on publishing information about that site's vulnerability while the problem was being addressed. But far-right Missouri Gov. Mike Parson, according to Missouri Independent reporter Jason Hancock, is now railing against the Post-Dispatch, defaming the reporter as a "hacker" and threatening criminal prosecution.

At a press conference, Parson told reporters, "The state does not take this matter lightly…. This administration is standing up against any and all perpetrators who attempt to steal personal information and harm Missourians."

The Missouri Department of Education, according to Hancock, removed the web pages that were problematic after being informed of the problem by the Post-Dispatch.

Hancock reports, "The Post-Dispatch discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials. The Department removed the affected pages from its website Tuesday after being notified of the problem by the Post-Dispatch. Based on state pay records and other data, more than 100,000 Social Security numbers were vulnerable. The newspaper delayed publishing this report to give the Department time to take steps to protect teachers' private information, and to allow the state to ensure no other agencies' web applications contained similar vulnerabilities."

Hancock notes that although "no private information was clearly visible nor searchable on any of the web pages," the Post-Dispatch "found that teachers' Social Security numbers were contained in the HTML source code of the pages involved."

According to Hancock, "The newspaper asked Shaji Khan, a cybersecurity professor at the University of Missouri-St. Louis, to confirm the findings. He called the vulnerability 'a serious flaw.'"

#story_page_post_article

Understand the importance of honest news ?

So do we.

The past year has been the most arduous of our lives. The Covid-19 pandemic continues to be catastrophic not only to our health - mental and physical - but also to the stability of millions of people. For all of us independent news organizations, it’s no exception.

We’ve covered everything thrown at us this past year and will continue to do so with your support. We’ve always understood the importance of calling out corruption, regardless of political affiliation.

We need your support in this difficult time. Every reader contribution, no matter the amount, makes a difference in allowing our newsroom to bring you the stories that matter, at a time when being informed is more important than ever. Invest with us.

Make a one-time contribution to Alternet All Access, or click here to become a subscriber. Thank you.

Click to donate by check.

DonateDonate by credit card
Donate by Paypal
{{ post.roar_specific_data.api_data.analytics }}

Don't Sit on the Sidelines of History. Join Alternet All Access and Go Ad-Free. Support Honest Journalism.