XPost: alt.comp.os.windows-10, alt.privacy.anon-server, comp.os.linux.advocacy   
   From: nobody@dizum.com   
      
   Several public websites designed to allow courts across the United States   
   and Canada to manage the personal information of potential jurors had a   
   simple security flaw that easily exposed their sensitive data, including   
   names and home addresses, TechCrunch has exclusively learned.   
      
   A security researcher, who asked not to be named for this story, contacted   
   TechCrunch with details of the easy-to-exploit vulnerability, and   
   identified at least a dozen juror websites made by government software   
   maker Tyler Technologies that appear to be vulnerable, given that they run   
   on the same platform.   
      
   The sites are all over the country, including California, Illinois,   
   Michigan, Nevada, Ohio, Pennsylvania, Texas, and Virginia.   
      
   * * *   
      
   This is not the first time Tyler left sensitive personal data exposed on   
   the internet. In 2023, a security researcher found that, due to a separate   
   security flaw, some U.S. online court record systems exposed sealed,   
   confidential, and sensitive data, such as witness lists and testimony,   
   mental health evaluations, detailed allegations of abuse, and corporate   
   trade secrets.   
      
   In that case, Tyler fixed vulnerabilities in its Case Management System   
   Plus product, which was used across the state of Georgia.   
      
   Two other government technology providers were exposing data in that case:   
   Catalis, through its CMS360 product, a system used across several U.S.   
   states; and Henschen & Associates, through its CaseLook court record   
   system, used in Ohio.   
      
   https://techcrunch.com/2025/11/26/bug-in-jury-systems-used-by-several-us-   
   states-exposed-sensitive-personal-data/   
      
   * * *   
      
   Tyler Technologies Ransomware Attack: $1.5M In Lost Revenue   
      
      
   Government software and IT service provider Tyler Technologies ($TYL) lost   
   about $1.5 million in services revenue because of a ransomware attack in   
   September, the company disclosed in its Q3 2020 earnings report on   
   November 4.   
      
   MSSP Alert first reported details about the Tyler Technologies ransomware   
   attack on September 25. After the attack, Tyler Technologies warned that   
   some of its customers had reported suspicious logins, Reuters notes.   
      
   Tyler hired third-party cybersecurity investigators to assist with the   
   recovery efforts, though the government software provider did not disclose   
   digital forensics firm(s) by name or any specific MSSP (managed security   
   services provider) engagements.   
      
   Tyler provides software services for everything from jail and court   
   management systems to payroll, human resources, tax and bill collection   
   and land records, the Associated Press notes. Amid the attack, Tyler was   
   quick to point out that none of its products are a system of record for   
   voting or election-related activities.   
      
   https://www.msspalert.com/news/tyler-technologies-recovery-details   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)