A bugged phone app released by the British Conservatives for an annual party conference has allowed any ordinary person to log in as an MP or even a minister, accessing officials’ private data.
A glitch in a simple conference app embarrassed British Prime Minister Theresa May’s Conservative Party as it allowed general public to access private data of the senior party officials and ministers.
The app, which was intended for those attending the four-day event, including journalists, party members and lawmakers as well as senior government officials, could technically be downloaded to anyone’s phone, and allowed the user to log in as any of the attendees by simply entering their emails with no password needed. Many party members made it even easier by registering with their public parliamentary emails.
As a result, people got their hands on troves of the MPs’ and ministers’ personal data, including their phone numbers.
Guardian columnist Dawn Foster was among the first to find the glitch. She picked everybody’s darling Boris Johnson as her target, and promptly got access to and she quickly turned to “all the details used for his registration.”
“I’m the most tech illiterate person alive, and I’ve done this, imagine there are plenty more security bugs,” she tweeted.
A number of embarrassing incidents, involving the Tories, were not long in coming. According to various media reports: two cabinet minister received prank calls on their phones; some more people logged in as Johnson and the Secretary of State for Environment, Food and Rural Affairs, Michael Gove, and left messages on their behalf in the app’s internal messaging system; Johnson’s image in the app was briefly changed to a pornographic one, and Gove’s to that of Rupert Murdoch, his previous employer at the Times.
The loophole in the app was quickly closed and the Conservatives apologized for the incident on Saturday.
“The technical issue has been resolved and the app is now functioning securely,” a Conservative spokesman said. “We are investigating the issue further and apologize for any concern caused.”
But the damage had been done. The Tories’ sloppy security policies were attacked by both the Labour and by their own members.
“It is disgraceful that people can access the personal details of MPs because of the utter incompetence of CCHQ. This could put people’s safety at risk,” said a senior Conservative cited by the Telegraph.
How can we trust this Tory Government with our country’s security when they can’t even build a conference that keeps the data of their members, MPs and others attending safe and secure? said John Trickett, Labour’s Shadow Minister for the Cabinet Office.
May ignored the questions about the glitchy app as she arrived at the the party conference in Birmingham.
Ironically, Tory chairman Brandon Lewis, who is responsible for the organization of the event, told Sky News that he believed “people will see a really impressive conference all round this year.” That was before the glitch was outed.
It’s not the first hiccup the Tories’ conference has encountered under May. Last year, a prankster gained access to the stage to hand the PM a form given to sacked employees. And as she was speaking, a letter fell off the slogan on the stage behind her.
Like this story? Share it with a friend!