» » Conference app for the UK’s Conservative Party leaked attendee data

Conference app for the UK’s Conservative Party leaked attendee data

This weekend, members of the UK’s Conservative Party kicked off their annual conference in Birmingham, using the event to highlight their plans and priorities for the coming year. This year’s event had a rocky start: its official app allowed users to access personal contact information of other attendees, without a password.

According to the BBC, the app had a button that allowed users to press a button and enter an attendee’s e-mail address, which gave them access without prompting them for a password. Several attendees reported that they were not only able to access non-public information in the accounts of various party members such as phone numbers and e-mail addresses, but they could also change said information. Various high-profile cabinet members had their accounts vandalized, while two cabinet members reportedly received prank calls because of the vulnerability.

CrowdComms, the company behind the app released a statement this morning, apologizing for the oversight and noted that the issue had been fixed "within 30 minutes,” although there were apparently lingering issues, such as push notifications going to the wrong people.

The incident has prompted numerous inquiries: Conservative Party chairman Brandon Lewis said in a tweet that the party was investigating the incident, while the Information Commissioner’s Office, the body responsible for upholding information rights, says that it’s aware of the incident, and that it’s "making enquiries with the Conservative Party.” The Telegraph notes that if it’s found to have violated European laws regarding data protection, the party "could face a fine of up to 4 [percent] of its income”, or £2 million. It’s an embarrassing start to the Party’s conference, which had touted the app as a way to overhaul the party’s image as an out-of-touch political party.

NEXT UP IN TECH
The FBI used a suspect’s face to unlock his iPhone in Ohio case
Leak reveals Microsoft’s Surface Laptop 2 and Surface Pro 6 might lack USB-C ports
Nearly a quarter of US households own a smart speaker, according to Nielsen
Best Buy accidentally sells customer the new, unannounced Chromecast
What Tesla’s union-busting trial means for the rest of Silicon Valley
Panasonic’s Lumix S1R is an unapologetically blocky pro camera
from-www.theverge.com
Angelaned
Angelaned от 14 March 2019 00:02
Спасибочки, что просветили, и, главное, как раз вовремя. Подумать только, пять лет уже в инете, но про это первый раз слышу.

заработок в интернете
Reneereary
Reneereary от 5 May 2019 19:30
Извините, что я Вас прерываю, но не могли бы Вы расписать немного подробнее.

линолеум
Add comment

Leave Comment

    • bowtiesmilelaughingblushsmileyrelaxedsmirk
      heart_eyeskissing_heartkissing_closed_eyesflushedrelievedsatisfiedgrin
      winkstuck_out_tongue_winking_eyestuck_out_tongue_closed_eyesgrinningkissingstuck_out_tonguesleeping
      worriedfrowninganguishedopen_mouthgrimacingconfusedhushed
      expressionlessunamusedsweat_smilesweatdisappointed_relievedwearypensive
      disappointedconfoundedfearfulcold_sweatperseverecrysob
      joyastonishedscreamtired_faceangryragetriumph
      sleepyyummasksunglassesdizzy_faceimpsmiling_imp
      neutral_faceno_mouthinnocent
reload, if the code cannot be seen