Biden Campaign App bug gave anyone access to millions of voter files

According to a new bombshell report from TechCrunch, a bug in Joe Biden’s campaign app that has now been patched gave anyone access to millions of voter files.

A review by “The App Analyst” revealed he could trick the app into pulling anyone’s information simply by creating a contact on his phone with that voter’s name.

App Analyst wrote:

An issue occurs when the contact in the phone does not correspond with the voter but the data continue to enrich the voter database entry. By adding fake contacts to the device a user is able to sync these with real voters. While the response from the “get_voter” server endpoint is minimized, after the data from the contact enriches the voter entry through the “set_voter” endpoint the non-redacted voter database entry is returned.

Querying the voter data the JSON object returned says this voter has potentially voted both for Democrats and Republican candidates.

Matt Hill, spokesperson for the Biden campaign admitted the error and said it’s been fixed.

He said “We were made aware about how our third-party app developer was providing additional fields of information from commercially available data that was not needed.”

“We worked with our vendor quickly to fix the issue and remove the information. We are committed to protecting the privacy of our staff, volunteers and supporters will always work with our vendors to do so,” Hill added.