BBC
Conservative MPs including Boris Johnson have had their phone numbers and other personal details revealed by the party’s conference app.
A Guardian columnist highlighted the security breach on Twitter and the BBC was also able to access private details of people attending the event.
The Conservative Party apologised for “any concern caused” and said “the technical issue has been resolved”.
The Information Commissioner’s Office said it would be making inquiries.
BBC political correspondent Chris Mason said the technical glitch was “deeply, deeply embarrassing” for the party.
The Guardian’s Dawn Foster, who is attending the conference, tweeted about the security breach and said she had been able to access the former foreign secretary’s personal details, including his mobile phone number.She shared a redacted picture of Mr Johnson’s profile, which did not reveal his phone number.It appears that people could access an MP’s personal details by entering their email address, without a password, when pressing the attendee’s button in the app.
This button has since been removed on the app, which was created by Australian firm Crowd Comms.Conservative Party chairman Brandon Lewis said the app was “now functioning securely” and the party would be “investigating the issue further”.
On Thursday the Evening Standard reported Mr Lewis was set to “unveil the first ‘interactive’ conference app” on Sunday in a bid to overhaul the Conservatives image, and appealing to the younger voter.
Prime Minister Theresa May, who was arriving at the conference in Birmingham, ignored questions from reporters about the security blunder.
The Press Association said the details of Environment Secretary Michael Gove had also been shared online.
On the very day Business Secretary Greg Clark expressed concern about Facebook’s security breach, the Conservative Party has had to say sorry for its own.
This conference hasn’t even started yet, but officials are already rattled.
One Conservative source described it to me in very colourful, unbroadcastable terms, in a text message he sent me by accident.
Was this a breach of national security? No. Was it an unforced error the party could do without, and a bumpy start to what was already likely to be a bumpy conference? Yes.