Conservative Party Chairman Responds To App Security Flaw

30 September 2018, 10:08 | Updated: 30 September 2018, 10:56

Brandon Lewis responds to the security flaw that meant anybody could access the personal details of those attending the Conservative Party Conference in Birmingham.

A major security flaw in the official Conservative Party Conference app, which allowed anyone to access and change the personal details of ministers, MPs, journalists and other attendees, has been uncovered ahead of the conference.

The app did not require a password to access accounts, making it possible to access the email addresses and mobile numbers other other attendees.

Speaking to Andrew Castle, Conservative Party Chairman Brandon Lewis said that the technical issue was resolved "within half an hour" of the party being made aware of it.

Mr Lewis also confirmed that an initial report had been made to the Information Commissioners Office.

He said: "It's not good enough that anybody's data could have been made available in any way.

"We will be making further investigations before making a further report to the ICO."

Brandon Lewis speaking from the Conservative Party Conference in Birmingham
Brandon Lewis speaking from the Conservative Party Conference in Birmingham. Picture: LBC

Dawn Foster, a Guardian columnist, said that after discovering the flaw, she's been stuck logged into the app as the former Foreign Secretary Boris Johnson.

She told Ian Payne that she's not been able to log out of the app, and has been receiving notifications intended for Mr Johnson.

A Conservative Party spokesman said: "The technical issue has been resolved and the app is now functioning securely. We are investigating the issue further and apologise for any concern caused."

A spokesperson for the Information Commissioner's Office (ICO) said it would be making inquiries about the breach and added that "organisations have a legal duty to keep personal data safe and secure".

Comments

Loading...