Sheriff's Online Database Leaks Info On Informants

Tootech writes with this snippet from NPR: "A Colorado sheriff's online database mistakenly revealed the identities of confidential drug informants and listed phone numbers, addresses and Social Security numbers of suspects, victims and others interviewed during criminal investigations, authorities said. The breach potentially affects some 200,000 people, and Mesa County sheriff's deputies have been sifting through the database to determine who, if anyone, is in jeopardy. ... The FBI and Google Inc. are trying to determine who accessed the database, the sheriff said. Their concern: That someone may have copied it and could post it, WikiLeaks-style, on the Internet. 'The truth is, once it's been out there and on the Internet and copied, you're never going to regain total control,' Hilkey said. Thousands of pages of confidential information were vulnerable from April until Nov. 24, when someone notified authorities after finding their name on the Internet. Officials said the database was accessed from within the United States, as well as outside the country, before it was removed from the server."

Charges

[crow_t_robot]

I hope someone at the Sheriff's office will be charged with felony negligence for this. I know that leaving a weapon where it can be accessed by a child or a felon is against the law so it should be logical that leaving a database of information open to the world that could easily destroy many lives is worth a felony too.

"To Serve And Protect"...

200,000 CI's?

[Organic Brain Damage]

Deputies have used the database since 1989 to collect and share intelligence gathered during the course of police work. It contains 200,000 names — Mesa County's population is about 150,000 — and includes investigative files from a local drug task force.

Is it just me or does it seem odd to you that they have 200,000 confidential informants in a county with a population of 150,000? What the frack is going on in Mesa County?

Re:Donutleaks strikes again!

[geegel]

What I can't fathom is how a database from a county with 120.000 people [wikipedia.org] can affect 200.000 of them.

Am I missing something here?

Re:What if

[GaryOlson]

What if annual security training was mandatory for all the IT staff connected with law enforcement IT equipment -- just like weapons training is mandatory for all law enforcement officers. This includes the CIO [if they have one], the city manager, the systems architect [whichever poor IT technician is erroneously saddled with this responsibility], and all law enforcement officers who access this data. Failure to pass security training and any breach of security by any individual would initiate immediate administrative leave and/or an Internal Affairs or FBI investigation.

Certain data is a lethal weapon and should be treated appropriately.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Donutleaks strikes again!

[davester666]

Well, with security breaches like this one, they do go through a LOT of informants...

They are EXTREMELY accident prone. Brake failures, falling anvils, gas furnaces blowing up, allergy attack's, you name it, it's happened to informants in the area.

Authorities have no idea why.