2016 Postmortem

Renew Deal

(84,352 posts)

115. Here is what VAN said

Sun Dec 27, 2015, 12:59 AM

Dec 2015

As soon as we realized that there was an issue, we immediately mobilized our engineers to investigate the source of the issue. While we investigated the issue, we restricted access to affected areas of the VAN product for all users and limited access to data exports. Engineers quickly discovered the problem, and developed a fix.

We immediately began an audit to determine if any users had intentionally or unintentionally gained access to data they normally would not have access to within the limited timeframe when the bug was live. Our team removed access to the affected data, and determined that only one campaign took actions that could possibly have led to it retaining data to which it should not have had access.

http://blog.ngpvan.com/news/data-security-and-privacy

That one campaign is the one that fired a guy and apologized. Now bring in the feds.

The DNC is the administrator of the system and the Clinton campaign is the victim. That's why they would be "seemingly coordinated."

This is the part of the contract that permits the DNC to cut off the data

Cutting off access during the breach is covered here:

16) The Agreement requires the DNC to “use security measures, with respect to the
Campaign Data, that are consistent with good practices in the data processing industry.”
Agreement, ¶ 3(f). Under the Agreement, the DNC warrants that its services shall “be performed
in a professional and workmanlike manner, consistent with industry standards in the data
processing industry.” Agreement, ¶ 8.

Keeping access cut off until the problem is resolved is covered here:

17) The Agreement further requires the DNC to “take all measures necessary to
protect the secrecy of, and to avoid disclosure and unauthorized use of” confidential information
disclosed by the Campaign to the DNC (“Confidential Information”). Agreement, ¶ 7(a).
Pursuant to the Agreement, the DNC undertakes to “immediately notify the Campaign in the
including the full extent of the time, place and manner of the use or disclosure and the corrective
steps taken by the DNC to address the unauthorized use or disclosure.” Id.

Those two clauses let the DNC do what it needs to do to protect the data.

Edit history

Please sign in to view edit histories.

Recommendations

0 members have recommended this reply (displayed in chronological order):

129 replies

= new reply since forum marked as read

Highlight:

Should there be a full criminal investigation of the Bernie Sanders data breach? [View all] Renew Deal Dec 2015 OP

I don't know of any "Bernie Sanders data breach" tularetom Dec 2015 #1

Bernie Sanders campaign breached the NGP VAN data Renew Deal Dec 2015 #3

That is not how any fair-minded technical person would view the situation, just so you know. JonLeibowitz Dec 2015 #20

The fair minded technical people at NGP VAN viewed it that way. Renew Deal Dec 2015 #97

One staffer, who the campaign immediately fired, saved some files Ken Burch Dec 2015 #27

A staffer Bernie did not know, who was recommended by the DNfuckingC! ViseGrip Dec 2015 #76

Why would he hire someone he didn't know to be his national data director? Renew Deal Dec 2015 #99

My original view was that there was no story. Renew Deal Dec 2015 #98

Not according to NGP VAN AgingAmerican Dec 2015 #37

Maybe you didn't see what NGP VAN said? Renew Deal Dec 2015 #100

Identify specifically the law that you think that the Sanders campaign broke. JDPriestly Dec 2015 #51

That's the job of the justice department Renew Deal Dec 2015 #101

Bernie's campaign did NOT breach the data. A person recommended by NGP VAN AND the DNC was sabrina 1 Dec 2015 #106

Who was the "person recommended by NGP VAN AND the DNC" working for? Renew Deal Dec 2015 #107

The contract requires ten days of investigation before anything is decided, like going public and sabrina 1 Dec 2015 #123

LOL hill2016 Dec 2015 #13

I am a Sanders supporter and I want the truth to come out! Dustlawyer Dec 2015 #16

Agree 100% tecelote Dec 2015 #28

Who hired "this individual?" Renew Deal Dec 2015 #103

I totally agree, Dustlawyer. Uncle Joe Dec 2015 #44

An investigation led by law enforcement would be best Renew Deal Dec 2015 #102

And that was all that was needed. Ken Burch Dec 2015 #25

Bernie Sanders apologizes for what he believes may have been poor judgement by a staffer or staffers daybranch Dec 2015 #63

A class act wouldn't put out stories saying the staffer is a plant Renew Deal Dec 2015 #104

AGREED, VERBIAGE HERE IS MISREPRESENTATIVE OF THE FACTS! FULL INVESTIGATION CorporatistNation Dec 2015 #17

Sure you used enough "all-caps" in that post? Ken Burch Dec 2015 #24

Up to now, only the Sanders campaign has acted improperly Renew Deal Dec 2015 #105

Full disclosure would be nice Politicalboi Dec 2015 #2

I want to know what Bernie's campaign did gwheezie Dec 2015 #9

Lets do a full audit from day one. artislife Dec 2015 #26

They had the same access AgingAmerican Dec 2015 #46

As of yet, there is absolutely NO BlueMTexpat Dec 2015 #55

Are we sure that the DNC servers aren't in Hillary's basement? pipoman Dec 2015 #57

Of course they are! BlueMTexpat Dec 2015 #71

Considering Hillary's track record with the "truth" tazkcmo Dec 2015 #74

Same-old same-old BlueMTexpat Dec 2015 #90

Yes - This Citizen No Longer Trusts The DNC DWS DLC Third-Way Democratic Party Establishment cantbeserious Dec 2015 #4

Let it go creeksneakers2 Dec 2015 #5

That was my view last week Renew Deal Dec 2015 #8

Nothing has changed. Ken Burch Dec 2015 #23

And the vendor says no sensitive data was accessed AgingAmerican Dec 2015 #39

This is what changed Renew Deal Dec 2015 #108

Anything that gets to the whole truth, and nothing but the truth. nt Snotcicles Dec 2015 #6

Why is the rhetoric on this escalating? underthematrix Dec 2015 #7

Rovian projection AgingAmerican Dec 2015 #53

On this site regarding this matter, the rhetoric seems to be escalating. Your reply is underthematrix Dec 2015 #94

The Sanders camp now is complaining that the auditor is too aggressive. Renew Deal Dec 2015 #66

Link please. Eom Karma13612 Dec 2015 #86

Here you go Renew Deal Dec 2015 #109

I believe the better term would be "questionable". Karma13612 Dec 2015 #127

I just can't get into this Dem2 Dec 2015 #10

beginning from day one of the campaign through the last inappropriate access notadmblnd Dec 2015 #11

There was no "day one". Ken Burch Dec 2015 #22

Sure there was. Day one was the day user id's were set up, permissions granted notadmblnd Dec 2015 #29

No, it's not "very important" to anyone who doesn't want to pipoman Dec 2015 #59

Now that made me chuckle notadmblnd Dec 2015 #82

This is exactly as stupid as those "Democrats" who want Justice for Hillary pipoman Dec 2015 #84

OK it's stupid notadmblnd Dec 2015 #87

I am chomping at the bit for a Democratic president in November pipoman Dec 2015 #88

And the American people want the real change they were promised notadmblnd Dec 2015 #89

What is the appropriate response to such a FALSE claim? underthematrix Dec 2015 #96

Trump? Renew Deal Dec 2015 #112

It would not be good for the Democratic race Renew Deal Dec 2015 #111

Well you don't have to worry, it's not going to end that way. notadmblnd Dec 2015 #121

I agree Renew Deal Dec 2015 #110

The feds are likely looking in to it already. joshcryer Dec 2015 #12

hopefully hill2016 Dec 2015 #14

Highly doubtful. joshcryer Dec 2015 #15

Could Sanders' campaign be charged with conspiracy to commit a crime? hill2016 Dec 2015 #18

Sanders' "campaign" cannot be charged with conspiracy to commit this crime. JonLeibowitz Dec 2015 #19

I'm sure hill2016 Dec 2015 #31

The independent audit that the Clinton campaign should agree to will reveal all. JonLeibowitz Dec 2015 #33

I think its sad and pathetic hill2016 Dec 2015 #38

Did I ever say anything about Clinton doing something wrong? Nope, so please contain your outrage JonLeibowitz Dec 2015 #41

Yes. The audit should cover the MOM campaign also. notadmblnd Dec 2015 #83

Pergaps we should look under Hillary's bed... pipoman Dec 2015 #60

This is more likely a crime of opportunity Renew Deal Dec 2015 #113

Yes, Trey Gowdy and his committee Mr.Bill Dec 2015 #30

Please identify precisely what law could have been violated? JDPriestly Dec 2015 #54

Saving voter files of competing campaigns was certainly not "authorized." joshcryer Dec 2015 #61

I don't think you understand the concept of zalinda Dec 2015 #72

Please. This was not white hat hacking. JunkyardAngel83 Dec 2015 #77

It wasn't "the Bernie Sanders data breach" Ken Burch Dec 2015 #21

what about the people hill2016 Dec 2015 #32

Anyone who did that was fired, to the best of my knowledge. Ken Burch Dec 2015 #36

yeah hill2016 Dec 2015 #40

"The one-time staffer breach that was immediately rectified by the Sanders campaign" Ken Burch Dec 2015 #45

what I read is that it was very strategic data that Sanders campaign accessed hill2016 Dec 2015 #52

Who is responsible if you walk away from you car and leave it running? Renew Deal Dec 2015 #114

Sure, give it a shot. Scootaloo Dec 2015 #34

^^^100% pure gold^^^ AgingAmerican Dec 2015 #47

Hacking laws are ridiculously broad. Eric J in MN Dec 2015 #35

We have been calling for a full investigation since day 1 AgingAmerican Dec 2015 #42

Here is what VAN said Renew Deal Dec 2015 #115

Excellent pandr32 Dec 2015 #128

No - but not because it was legal ConservativeDemocrat Dec 2015 #43

Too late for that, DWS has already ruined party unity AgingAmerican Dec 2015 #49

Not according to the polls ConservativeDemocrat Dec 2015 #91

As long as DWS is heading the DNC there will be no unity AgingAmerican Dec 2015 #92

There will never be unity for the anti-Dem haters on the DU ConservativeDemocrat Dec 2015 #93

Hell No!! This is a classic Rove-style set-up by DNC/HRC/NGP-VAN/DWS. Fuck this shit. 99th_Monkey Dec 2015 #48

The OP is calling for a criminal investigation, not a private one AgingAmerican Dec 2015 #50

I know that. And I know what the FBI would find out with an investigation 99th_Monkey Dec 2015 #85

Don't we deserve to know the truth? Renew Deal Dec 2015 #116

Of course we do. 99th_Monkey Dec 2015 #122

Absolutely and of Hillary's servergate....why don't we just indict all of the Dem candidtes pipoman Dec 2015 #56

Trashed for dishonestly... MattSh Dec 2015 #58

K&R! stonecutter357 Dec 2015 #62

Who says the FEC hasn't already started one? nt msanthrope Dec 2015 #64

Probably the FBI, not the FEC Renew Deal Dec 2015 #117

Yes that would be smart rjsquirrel Dec 2015 #65

Yes. I hadn't read the backround of "Josh" until this morning on HuffPo and Vinca Dec 2015 #67

The article is intended to look that way. Renew Deal Dec 2015 #118

Well, it does look odd. Especially, given his resume, how he responded to the breach. Vinca Dec 2015 #124

Did I miss something? Was the system hacked? mmonk Dec 2015 #68

Depends on the definition of "hacked." Eric J in MN Dec 2015 #79

No. No. Renew Deal Dec 2015 #119

Yes (nt) bigwillq Dec 2015 #69

You would first need to have evidence of a criminal nature. randome Dec 2015 #70

LOL seriously JunkyardAngel83 Dec 2015 #80

The polling data from NH and Iowa must be not good. Warren Stupidity Dec 2015 #73

the desperation of the hillary supporters is rising to a new level, they see 2008 happening again bowens43 Dec 2015 #75

A full investigation. Yes. 99Forever Dec 2015 #78

Give the job to the Benghazi committee JustABozoOnThisBus Dec 2015 #81

It should be led by Trey Gowdy's haircut Renew Deal Dec 2015 #120

What criminal law was broken? Vattel Dec 2015 #95

with as high profile as this appears to be PowerToThePeople Dec 2015 #125

We need a Thorough Investigation fredamae Dec 2015 #126

yes, let's see how far he'll take this ridiculous gimmick R B Garr Dec 2015 #129