UK Conservative Party conference app leaks MPs personal details

The mobile conference application developed for the UK Conservative Party has released personal details of the people who registered at the party conference, including the details of the party and British government representatives.

This leak was discovered on Saturday afternoon of 29th September by Guardian columnist Dawn Foster.

Mr. Foster discovered that those who would like to attend a video conference using the Conservative Party mobile application need to register using an email address.

Applications did not use any type of authentication mechanism, such as e-mailed passwords or unique codes. To access the profile page, the user just entered the email address in the login field of the application.

Also, GDPR: What has changed so far?

Foster 's revelation to let Twitter users realize that they only need to guess Conservative members' e – mail addresses in order to access their account was not in time.

Some members of the party, like Michael Goave (Secretary of State for Environment, Food and Rural Affairs) and Boris Johnson (Secretary of Foreign Affairs), use the official e-mail address issued by the party and the government, Problem and Personality.

The perpetrator abused the flaw in the application's login system, shared the user's personal information online, and changed the details of the profile.

In the case of exle, one user accessed Boris Johnson's account and changed the profile image to pornographic image. The other one is a profile picture of Mr. Michael Go, a picture of the former employer Rupert Murdoch.

Some of the senior British lawmaker 's phone number and e – mail address was posted on Twitter earlier in the day. Received calls and joke messages.

In a statement posted on his website, the Office of the Information Commissioner (ICO), UK's privacy officer, said he knew the fact that he was in the UK. He said "to investigate."

"The organization has a legal obligation to protect personal data.In the framework of RGPD, you must inform the ICO within 72 hours after the violation of personal data is found.This may hurt individual rights and freedoms If there is.

Access to the App was temporarily canceled in order to avoid Foster's post-twitter abuse, but according to Tweets from the UK Conservative Party Brandon Lewis, the app returns to online for this Sunday's meeting ing. .

© Zdnet

Hope you like the news UK Conservative Party conference app leaks MPs personal details. Stay Tuned For More Updates 🙂

Compsmag