US states’ court record systems impacted by document-leaking vulnerabilities

Ohio, Florida, Georgia, Tennessee, and Mississippi had at least eight court records systems impacted by vulnerabilities that publicly exposed sensitive court filings, including witness lists and testimonies, corporate trade secrets, and abuse allegations, TechCrunch reports. Exploiting the client-side flaws only requires web browser developer tools, according to security researcher Jason Parker, who identified the bugs after being informed by a tipster who reported the issues to the impacted courts but did not receive any reply. Such flaws have already been addressed by three various tech vendors but only Tyler Technologies, which supports Georgia's court records system, and Henschen & Associates, which supports the court records system of Ohio, confirmed the effectiveness of the fixes. Despite notifying five Florida counties regarding vulnerabilities affecting their court records systems believed to be developed in-house, only Sarasota County confirmed addressing a flaw, which enabled document access through numerically sequential document number increments. No information was noted to have been compromised, noted Sarasota County clerk of the circuit court Karen Rushing.