From time to time, security researchers would come across exploits and security vulnerabilities in apps, websites, services, and so on. Usually what happens is that these researchers will then disclose the information to the company and give them time to right the mistake, before publishing it online.
In most cases they tend to get paid a bounty for discovering said bug, but not in the case of 31-year David Levin. According to reports, it seems that Levin was actually arrested for disclosing the security exploits of the Lee County state elections website. The exploit in question would have revealed admin credentials if left unchecked.
However instead of being thanked or rewarded, Levin was arrested and is now facing three third-degree felony counts of property crime. A Florida Department of Law Enforcement official issued a statement which reads, “Levin used a specialist software program to obtain illegal access to the Lee County state elections website and while he had access he obtained several usernames and passwords of employees in the elections office.”
“Levin then went a step further and used the Lee County supervisor’s username and password to gain access to other password protected areas. All this was done Levin not seeking permission from the elections office.” In the meantime you can check out the video above in which Levin details the vulnerability while sitting next to elections supervisor Dan Sinclair, who claims Levin did nothing wrong and that his arrest was “horrible”.