DNC: Sanders campaign improperly accessed Clinton voter data

[InfoSec News <alerts () infosecnews org>]

https://www.washingtonpost.com/politics/dnc-sanders-campaign-improperly-accessed-clinton-voter-data/2015/12/17/a2e2e14e-a522-11e5-b53d-972e2751f433_story.html

By Rosalind S. Helderman, Anne Gearan and John Wagner
The Washington Post
December 17, 2015

Officials with the Democratic National Committee have accused the 
presidential campaign of Sen. Bernie Sanders of improperly accessing 
confidential voter information gathered by the rival campaign of Hillary 
Clinton, according to several party officials.

Jeff Weaver, the Vermont senator’s campaign manager, acknowledged that a 
low-level staffer had viewed the information but blamed a software vendor 
hired by the DNC for a glitch that allowed access. Weaver said one Sanders 
staffer was fired over the incident.

The discovery sparked alarm at the DNC, which promptly shut off the 
Sanders campaign’s access to the strategically crucial list of likely 
Democratic voters.

The DNC maintains the master list and rents it to national and state 
campaigns, which then add their own, proprietary information gathered by 
field workers and volunteers. Firewalls are supposed to prevent campaigns 
from viewing data gathered by their rivals.

NGP VAN, the vendor that handles the master file, said the incident 
occurred Wednesday while a patch was being applied to the software. The 
process briefly opened a window into proprietary information from other 
campaigns, said the company’s chief, Stu Trevelyan. He said a full audit 
will be conducted.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/