To audit the files. That is unacceptable.

An independent audit going back at least a year.

We don't know who else accessed the files or for how long this security breach existed.

Bad.

There's one breach. How many more?

We need to audit the files soon and over a significant period. Server files are easily manipulated.

It's for the good of the whole party. Who else accessed files they shouldn't have access to? This wasn't the first breach.

No one needs to second-guess every software system in use by the DNC. The level of ridiculousness on this site since yesterday has gone from 0 to 120 in mere moments.
[hr][font color="blue"][center]All things in moderation, including moderation.[/center][/font][hr]

You are correct. A serious data breach is exposed and you want to punish Bernie but not the people that caused the problem.

It's a two way street. Action needs to be taken.

Our data, your data, was unsecure through poor protocol - more than once. It's not a Bernie/Hillary thing. This is serious.

Data is unsecured all the time. The DNC should force the vendor to fix the problem but I've worked in enough corporations over the past 3 decades to know that there are glaring holes everywhere, some that never get fixed.

To pretend like the DNC should be more perfect than any other corporation that has the same weaknesses is ridiculous. Yes, they should fix the breech. Yes, the Sanders campaign illegally accessed data. Yes, the DNC leans more toward the Democratic candidate than the Independent.

Big. Deal.
[hr][font color="blue"][center]All things in moderation, including moderation.[/center][/font][hr]

It is not rocket science and yes, hackers do win sometimes, but this is not the case.

Security of personal data is very serious.

If it's as straight-forward as you imply, we would not have hundreds of data breeches every month for major corporations who certainly have the money and the resources to prevent it from happening.

The truth is, this kind of stuff happens all the time because the systems in place are far more complex than they need to be.

That being said, of course the DNC should take whatever steps are needed to, if not close, then to make the security holes a lot smaller. But it has happened in the past and it will happen in the future. It's the nature of this crazy quilt data environment we have created.

I simply find it amusing that the DNC now needs to be micro-managed by everyone else who simply knows that they are incompetent.
[hr][font color="blue"][center]All things in moderation, including moderation.[/center][/font][hr]

I too have worked with many companies and have never had a data breach allowing access to personal information.

Higher standards are required here. Sorry, just my opinion. Not trying to micro-manage. 'Just trying to get our party to respect our data as they should.

It's true. Being quite is not one of my virtues.

...to wit: "No one needs to second-guess every software system in use by the DNC."

Actually we are talking about one specific software system in use by the DNC. Since the slipshod security of that system has been exposed, quite publicly thanks to DWS, it is of interest to all of us how the situation is resolved. The best way to proceed would indeed be an independent investigation, otherwise it will be difficult to restore trust in the system.

I don't have trust in any software system because they have too many integration problems and are far too complex, as a result.

Corporations lose data every day. I don't hear anyone calling for independent investigations, just an acknowledgement that they will work to secure that particular security hole until the next one crops up.
[hr][font color="blue"][center]All things in moderation, including moderation.[/center][/font][hr]

We're not discussing your personal trust in the DNC's software systems, we are discussing one specific failure that the company had been notified about previously.

I have worked with many software systems, and the kind of breach we are discussing is preventable. Especially if the vendor's initial story is true -- they claimed they had to open up the "firewall" (I suspect it is really a system of access permissions, rather than strictly speaking a firewall) in order to apply a patch to the software. They chose to leave the software running and let everyone keep accessing it. D'oh. Just do it off hours, notify there will be a brief outage, and take the system offline while applying the patch. Then bring it back up, check all the permissions (the "firewall" aspect), and again allow access once tests have been passed. Not hard, not hard at all.

An act of an honest man.

If a breach has been a recurring issue, we need to see ALL logs during those time periods. Or at least they need to be independently examined. Who knows whose data may have been breached by anyone? Selective log file releases paint a very narrow picture.

First, the very fact that their 'firewalls' could be so easily turned on and off tells me they've got lousy code and crappy DB permissions.

Second, the fact that as soon as Sanders' lawyer said 'We'll get discovery and see what the DNC personnel are saying in their internal emails about supporting candidates', the DNC falls all over itself to restore Sanders' campaign access, tells me that DWS knows that she and her cronies have said things in emails that show what they've been up to. I'm guessing they'll be spending some time now deleting old emails and scrubbing drives, just to make sure that can't happen in the future.

discovery is still requested

Ie, Sanders was suing for access to the DB, now he has access again, therefore there's no 'goal' left?

Here's the complaint:

https://berniesanders.com/wp-content/uploads/2015/12/Bernie2016vDNCComplaint.pdf

Pay particular attention to pages 9-11

It should be done internally but transparent to the campaigns only.

This never should have been brought to the media in the first place. I do have to wonder why the DNC did that?

The DNC made a mistake in their security protocol. But the only unethical behavior here was on the part of Bernie's campaign staff. A mistake is different from an intentional act of thievery.

But we don't know who else accessed the data at the same time. And, this isn't the first time we had a security mistake.

How can you defend not investigating this?

Plus, this should never have gone to the media. But, it did. So, steps must be taken to ensure Americans that their data is safe.

rather than Bernie's that was doing the stealing, and the DNC decided to not say anything about out, the same people would now be yelling coverup.

BTW - They didn't steal anything.

"In a statement, NGP VAN said that unauthorized users were not able to export, save or act on unauthorized information"