With the Conservative conference coming up, journalists have hacked the official app by pretending to be various Conservative MP's. One Guardian journalist is currently logged on as Boris Jonson and can't log off, as the system was locked when the fustercluck was discovered. Emails and photos were accessible and some photos were changed.
The phone numbers of Senior Conservatives were accessible by anyone who spoofed a Conservative MP on the app. This news broke around an hour ago and so you can pretty much choose your source of choice for more info.
Here is a Sky report
Senior Tory MPs' phone numbers exposed in Conservative Conference app flaw
{Edited to add link to BBC coverage which includes images of the app
Tory app security breach reveals MPs' numbers }
As the time of writing there were no derisory posts on the app maker's twitter feed but it might be worth checking later, given that they claim the app to be GDPR compliant, despite no password being required to access accounts. Of course it may be the way the accounts were set up by whoever was tasked with it.
CrowdComms (@crowdcomms) | Twitter
Crowd Comms wrote in their blog on 7th September about security - physical security, not app security...
3 Unexpected Event Security Tips - crowdcomms
Well this was certainly unexpected!!!
Out of interest, here is the conference agenda:
Commercial Opportunities, The Conservative Party Conference, Birmingham ICC, 30th September - 3rd October 2018