Lindsey O’Donnell reported this earlier this week. Be sure to read the update to it below:
Cook County, Ill., home to Chicago, has left a database exposed since at least September that contained sensitive criminal and family-court records.
A non-password protected database, belonging to a county in Illinois, exposed 323,000 court records for at least four months, according to researchers. The database exposed the names of various people involved in sensitive criminal, domestic-abuse or child-custody court cases.
ThreatPost wasn’t the only news site to report on the findings and claims published by WebsitePlanet researchers. And ThreatPost did reach out to Cook County (but seemingly got no comment by their publication time). But note that there is a significant update/correction to the original report posted on Website Planet days after ThreatPost and other outlets reported the original claims:
Update: On January 29th, 2021, the Cook County Bureau of Technology reached out to us to inform us that the server did not belong to the Cook County government. The owner of the server was still unknown as of that day.
So as of today, it is still not confirmed who was responsible for the misconfigured server, but it reportedly was not the county court system.