US governor accuses source-code viewing site visitor of hacking

By on
US governor accuses source-code viewing site visitor of hacking
Mike Parson, governor of Missouri, US. Source: HTML

Reporter found social security numbers being leaked.

The governor of Missouri, Mike Parson, has accused a visitor to the state's department of elementary and secondary education (DESE) website of hacking and gaining access to teachers' United States social security numbers.

Parson said an unnamed individual had been reported to Cole County prosecution and the state Highway Patrol Digital Forensic Unit, for allegedly "decoding the HTML source code" of the site to view the socal security numbers (SSNs).

Hyper text markup language is used by web browsers to format text and to present objects for visitors to view on pages.

Most web browsers will let you view the HTML source code used to assemble pages through a specific key combination.

Parson railed against the "HTML source code" viewing on Twitter, where other users cast doubt that such an action could be construed as hacking.

One Twitter user also pointed out that Parson's own gubernatorial site running the Drupal 8 open source content management system had been set to debugging mode, which appears to be exposing sensitive data in turn.

The Missouri governor doubled down on his allegations, however, and insisted that the unnamed individual had accessed, converted and decoded the HTML source code.

As of writing, it remains unclear if Missouri law enforcement will investigate the HTML source code viewing incident and take action against the person or people behind it.

After news of the data breach broke, the St Louis Post-Dispatch reported that over 100,000 SSNs may have been vulnerable in the incident.

Adding a twist to the story, the newspaper said one of its reporters had discovered the vulnerability, and confirmed that the nine-digit numbers the site displayed were indeed SSNs, belonging to three teachers.

While full details of the flaw are yet to be published, it appears anyone could search the DESE site and discover teachers' SSNs, which could then potentially be used for identity fraud.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Log In

Email:
Password:
  |  Forgot your password?