Republican Missouri Gov. Mike Parson has become the subject of widespread criticism for accusing a journalist of hacking after the journalist pointed out a data vulnerability on the state government’s website.
On Thursday, a St. Louis Post-Dispatch reporter wrote that over 100,000 educators’ Social Security numbers (SSN) were easily viewable through the HTML source code on a website run by the state’s education department. The reporter notified the government, giving them time to address the vulnerability and scan other government-run websites for similar issues before publishing the story.
Not long after the article was published, Parson accused the reporter of being a “hacker” without evidence and promised to seek criminal prosecution. “This administration is standing up against any and all perpetrators who attempt to steal personal information and harm Missourians,” Parson said at a press conference.
Parson continued to imply that the Post-Dispatch journalist had some sort of ulterior motive, claiming the reporter was “acting against the state agency to compromise teachers’ personal information in an attempt to embarrass the state and sell headlines for their news outlet.” Ironically, his threats to the journalist are bringing far more attention to the story than it would have gotten otherwise.
As many reporters and people familiar with basic computer functions have pointed out, the journalist didn’t participate in anything close to resembling hacking. Rather, he accessed information that is public on every webpage: the source code, which can be accessed easily via the “view source” functionality. By pointing out the flaw in the website, he likely helped avert disaster for the state’s educators’ by protecting their personal information — not vice versa, as Parson erroneously claimed.
This type of data vulnerability is a well-known mistake, a cybersecurity professor at the University of Missouri-St. Louis told the Post-Dispatch. The professor added that it was “mind boggling” to see it still happening on a government website, even though this type of cybersecurity error has been around for at least a decade.
Lawmakers and journalist organizations were dismayed at the governor’s direct attack on a member of the press.
“Let’s make this clear: It was [Governor Parson] who failed to secure teachers’ SSNs. There’s no ‘hacking’ here. There’s an effort to criminalize journalists,” wrote Rep. Cori Bush, a Democrat from Missouri. “Shame on you, Governor.”
“Using journalists as political scapegoats by casting routine research as ‘hacking’ is a poor attempt to divert public attention from the government’s own security failing,” Katherine Jacobsen, the U.S program coordinator at the Committee to Protect Journalists (CPJ) told The Washington Post, adding that Parson’s threats were “absurd.”
Though many people pointed out the simplicity of the data vulnerability to the governor after his threats on Thursday, Parson only doubled down on his statements in tweets later that day. “We want to be clear, this DESE hack was more than a simple ‘right click,’” he lied. “This data was not freely available, and by the actors own admission, the data had to be taken through eight separate steps in order to generate a SSN.”
Parson’s statements are easily debunked; according to the original article, “the newspaper found that teachers’ Social Security numbers were contained in the HTML source code of the pages involved.” Not only is it unclear what “steps” Parson is talking about, the source code of websites is freely available — one can even view it on a smartphone browser.
Though Parson’s motivations are undetermined, the threats are part of disturbing and ongoing attempts by Republicans to discredit the media at large, years after Donald Trump coined the term “fake news.”
“Trump’s most effective ploy has been to destroy the credibility of the press,” CPJ wrote in a 2020 report.
During his presidency, Trump reportedly asked then-Federal Bureau of Investigations Director James Comey to prosecute journalists who reported on leaks. He also repeatedly attacked the media for portraying him in a negative light and embarrassing his administration.
Truthout Is Preparing to Meet Trump’s Agenda With Resistance at Every Turn
Dear Truthout Community,
If you feel rage, despondency, confusion and deep fear today, you are not alone. We’re feeling it too. We are heartsick. Facing down Trump’s fascist agenda, we are desperately worried about the most vulnerable people among us, including our loved ones and everyone in the Truthout community, and our minds are racing a million miles a minute to try to map out all that needs to be done.
We must give ourselves space to grieve and feel our fear, feel our rage, and keep in the forefront of our mind the stark truth that millions of real human lives are on the line. And simultaneously, we’ve got to get to work, take stock of our resources, and prepare to throw ourselves full force into the movement.
Journalism is a linchpin of that movement. Even as we are reeling, we’re summoning up all the energy we can to face down what’s coming, because we know that one of the sharpest weapons against fascism is publishing the truth.
There are many terrifying planks to the Trump agenda, and we plan to devote ourselves to reporting thoroughly on each one and, crucially, covering the movements resisting them. We also recognize that Trump is a dire threat to journalism itself, and that we must take this seriously from the outset.
After the election, the four of us sat down to have some hard but necessary conversations about Truthout under a Trump presidency. How would we defend our publication from an avalanche of far right lawsuits that seek to bankrupt us? How would we keep our reporters safe if they need to cover outbreaks of political violence, or if they are targeted by authorities? How will we urgently produce the practical analysis, tools and movement coverage that you need right now — breaking through our normal routines to meet a terrifying moment in ways that best serve you?
It will be a tough, scary four years to produce social justice-driven journalism. We need to deliver news, strategy, liberatory ideas, tools and movement-sparking solutions with a force that we never have had to before. And at the same time, we desperately need to protect our ability to do so.
We know this is such a painful moment and donations may understandably be the last thing on your mind. But we must ask for your support, which is needed in a new and urgent way.
We promise we will kick into an even higher gear to give you truthful news that cuts against the disinformation and vitriol and hate and violence. We promise to publish analyses that will serve the needs of the movements we all rely on to survive the next four years, and even build for the future. We promise to be responsive, to recognize you as members of our community with a vital stake and voice in this work.
Please dig deep if you can, but a donation of any amount will be a truly meaningful and tangible action in this cataclysmic historical moment.
We’re with you. Let’s do all we can to move forward together.
With love, rage, and solidarity,
Maya, Negin, Saima, and Ziggy