BIRMINGHAM, England (Reuters) - British Prime Minister Theresa May’s Conservatives suffered an embarrassing security glitch on Saturday, exposing the personal contact details of senior government ministers and other leading figures on the app for their annual party conference.
Dawn Foster, a columnist with the Guardian newspaper, discovered that a flaw in the Conservative conference app allowed people to log in as anyone attending, as it simply required an email address to be entered.
It meant the mobile phone numbers of all those attending the four-day event - journalists, party members and lawmakers, including senior government ministers - could be accessed. On Twitter, Foster showed how she had been able to log into the system as former foreign secretary Boris Johnson.
“It’s let me login as Boris Johnson, and just straight up given me all the details used for his registration,” she wrote. “I’m the most tech illiterate person alive, and I’ve done this, imagine there are plenty more security bugs.”
There was no immediate response from the Conservative Party.
Media said the loophole in the app was closed after it had been pointed out to the party but not before the details of some politicians had been accessed and in some instances changed.
A journalist from the BuzzFeed website said at least two cabinet ministers had received prank calls from the public as a consequence.
Last year, May’s major conference speech descended into chaos after she suffered a coughing fit, a prankster gained access to the stage to hand her the form given to sacked employees, and some letters of her party’s slogans dropped to the ground from a sign on the stage behind her as she spoke.
“I think people will see a really impressive conference all round this year,” Conservative Party Chairman Brandon Lewis told Sky News before news of the security breach was revealed.
Reporting by Michael Holden; Editing by Peter Graff