Democrats in the Missouri House of Representatives are speaking out against Gov. Mike Parson's claim over a data vulnerability found in the Department of Elementary and Secondary Education's website.
Parson claimed in a news conference that it could "cost Missouri taxpayers as much as $50 million."
The vulnerability was found last week on DESE's website by a St. Louis Post-Dispatch reporter and it exposed the Social Security numbers of over 100,000 teachers.
State Democratic lawmakers called into question the $50 million figure that Parson claimed. In the news conference last week, Parson suggested that the money could go toward prosecuting the reporter who discovered the vulnerability.
Democrats on the House Budget Committee inquired the governor's office about how they decided upon that amount and what it would be used for. The committee said they were told by the governor's office the $50 million was a "loose number" and a "preliminary estimate."
"The only two costs that they mentioned might be included would be the cost for credit monitoring for teachers and the cost of potentially setting up a call center," State Rep. Peter Merideth, a Democratic member of the House Budget Committee, said. "Neither of those things is going to close to $50 million."
Unrelated to the DESE incident, the Missouri teacher's pension manager PSRS/PEERS, which serves over 228,000 teachers and retired educators, also had a security breach in September.
Merideth says the service offered credit monitoring and call center support in response, but it cost them less than $600,000 for over double the number of people impacted.
The House Budget Committee found this out in their own inquiry of PSRS/PEERS. This raised questions for Democrats on the committee as to why the remedy for the approximately 100,000 teachers in the DESE incident would amount to $50 million.
"The fact is, it sounds like he made up the number," Merideth said.
Merideth and other Democrats on the Budget Committee say they are unsure exactly how much credit monitoring and a call center for the DESE incident would cost. However, Merideth says they feel there could be beneficial ways to spend money mending the issue.
"What we should be spending money on is updating our systems and making sure they're secure," Merideth said.
The House Budget Committee also suggested the Office of Administration Information Technology Services Division, which services the state's agency websites, should cover the costs.
The governor's office has not yet responded to the Committee's release or given any more detail about how much money it plans to spend remedying the data vulnerability.
