Friday, September 18, 12:46
Home security An error was detected in the application of Joe Biden's campaign

An error was detected in the application of Joe Biden's campaign

The official application campaign of the Democratic candidate Joe Biden, it was discovered that he had one error which left the personal data of millions of voters exposed.


The implementation of the campaign Vote Joe, allows Biden supporters to encourage friends and family to vote for him. The application uploads and matches its contacts user with voter data provided by TargetSmart, a marketing company that claims to hold records for more than 191 million Americans.

Once the app matches someone's details, it displays the voter's name, age and date of birth and the most recent election they cast. This, according to the application, helps them users to "find people they know and encourage them to participate."

And while much of that data may already be public, the error makes it easier for anyone to access information from any voter using the app.

App Analyst, an expert security who detailed his findings on his blog of the same name, found that he could trick the app into extracting any person's information by making a contact on his phone with the voter's name.

He told TechCrunch that the application collects much more data than it actually displays. By blocking data flowing in and out of the device, he saw much more detailed and private information, including a voter's home address, date of birth, gender, nationality, and the political parties he or she supports.

Biden's campaign application has fixed the bug.

Matt Hill, a spokesman for Biden's campaign, also told TechCrunch: "We worked quickly with our vendor to fix the problem and clear the information. "We are committed to protecting the privacy of our staff, volunteers and supporters, and we will always work with our suppliers to do this."

Following the publication, Hill disputed the researcher's findings and that the application stated gender, nationality or home addresses. A TargetSmart spokesman stated that "a limited amount of data available to the public or commercially" was accessible to other users.

This is not the first time TargetSmart has been involved in data leakage. In 2017, a voter file compiled by TargetSmart for approximately 600.000 voters in Alaska was left on an exposed server without a password. And in 2018, TechCrunch reported that nearly 15 million records of Texas voters were found on an exposed and insecure server, just months before the US midterm elections.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


US Department of Veterans Affairs: Violation also affected community care providers

The US Department of Veterans Affairs (VA) recently revealed that some hackers attacked its systems and stole personal data of about 46.000 ...

Campaign scam sells drugs using a new concealment technique

Hackers orchestrating a scam campaign selling drugs are trying a new technique, betting on unconventional representation of URLs in messages ...

US: Sanctions on a company linked to the Iranian regime for hacking operations

The US government today imposed sanctions on a company that covered a massive hacking operation organized and executed by ...

A ransomware attack on a German hospital leads to patient death

A person whose life was in danger died after he was forced to go to a more distant hospital due to an attack ...

United Kingdom: ransomware attacks on universities are on the rise

According to the National Cyber ​​Security Center of the United Kingdom (NCSC), hacking and mainly ransomware ...

Twitter: Increased security for accounts in the run-up to US elections

Twitter will urge high-profile political accounts to take increased security measures before the US election.

Ransomware hit New Jersey University Hospital

A massive data breach occurred at New Jersey University Hospital (UHNJ) as 48.000 items were exposed after a ransomware attack.

Email security training is phishing scam

A new phishing campaign pretends to be a well-known security company, sending its victims email security training.

Mozilla is launching a search for YouTube's suggestion algorithm

YouTube algorithm can lead you to some very strange suggestions, suggesting videos that seem to be to your liking ...

PS5: Sony has announced the price and release date of the console

Ready for PlayStation 5? Now you can pre-order the new console at selected retailers for the price of 500 ...