According to a report from the BBC, the app included a button that allowed users to enter an attendee’s email address which granted access to sensitive information without the need to enter a password. This information included e-mail addresses and phone numbers, which could also be changed. These security flaws meant that the information for senior cabinet ministers could be accessed and changed, and indeed saw several high-profile cabinet members have their accounts vandalized. The company behind the app, CrowdComms, released a statement this morning regarding the incident that apologised for the oversight.
