Joe Biden’s campaign app had a security flaw that let users snoop on other people’s voter info
The security flaw has now been patched.
Everyone is on edge right now with the US presidential election right around the corner and now it has been revealed that there was a flaw in Joe Biden’s official campaign app which could give anyone a way to look up information about individuals.
All you needed was their name. You see, the app works by encouraging users to upload their contact list. Doing so will give you some basic information about them and lets you know if those close to you are registered to vote. Personally, that already seems a bit grimey to me, but whatever, that’s not the point. The point is that app researcher, the App Analyst, found that there were security flaws within the app that let anyone create a contact with a person’s name and it would pull up details regarding their age and birthday.
While that, in and of itself, isn’t a huge deal, it’s all of the other information that the Joe Biden app was pulling that was the real problem. By intercepting the data, App Analyst could find information not displayed on the app. This included home address, date of birth, ethnicity, and party affiliation.
The data provided to the app comes from TargetSmart, a political marketing firm.
A spokesperson for the Biden campaign tells TechCrunch that the error has been fixed and an update was pushed out:
“We were made aware about how our third-party app developer was providing additional fields of information from commercially available data that was not needed. We worked with our vendor quickly to fix the issue and remove the information. We are committed to protecting the privacy of our staff, volunteers and supporters will always work with our vendors to do so.”
Overall, in the grand scheme of things, most of this information could be found with some Google searches and some social profile browsing, but still, you never want to hear about data breaches in apps, especially ones connected to the US election.
- TikTok is suing the Trump administration because they think the app ban is bullshit
- Facebook is taking a stand against bullshit posts related to the Oregon wildfires
- Microsoft says hackers from Russia, Iran, and China are targeting presidential campaigns
- Ahead of the US election, Facebook will pay people to deactivate Facebook and Instagram