Phone numbers and other personal details of senior ministers from Britain's Conservative party were made public by an app security flaw on Saturday, including those of top Brexiteers Michael Gove and Boris Johnson.
Phone numbers and other personal details of senior ministers from Britain’s Conservative party were made public by an app security flaw on Saturday, including those of top Brexiteers Michael Gove and Boris Johnson.
Several top MPs reportedly received nuisance calls after their profiles were accessed on the official mobile application for the annual party conference, which kicks off this weekend. The security breach saw members of the public able to enter the politicians’ profiles using just their email address — a point of contact widely available online — to view and edit the data stored within.
Former foreign secretary Johnson had his profile picture briefly swapped for pornography and his job title changed to an profane insult, according to several Twitter users. Meanwhile Environment Secretary Gove’s picture was changed to one of media tycoon Rupert Murdoch, his former employer when he was a journalist. Among the first to report the flaw was Dawn Foster, a columnist for daily The Guardian. “The Tory conference app allows you to log in as other people and view their contact details just with their email address, no emailed security links, and post comments as them,” she wrote on Twitter, using a colloquial name for the party.
“They’ve essentially made every journalist, politician and attendee’s mobile number public. Fantastic.” A Conservative party spokesperson apologised for the breach, saying the technical issue had “been resolved and the app is now functioning securely”. The party’s yearly gathering begins on Sunday in the city of Birmingham in central England. Britain’s data watchdog, the Information Commissioner’s Office (ICO), said it was investigating the breach related to the app, which was developed by an Australian firm called Crown Comms. The opposition Labour Party said the blunder showed the ruling party could not be trusted in matters of security. “They can’t even build a conference app that keeps the data of their members, MPs and others attending safe and secure,” said shadow cabinet office minister Jon Trickett.