Wednesday, March 3, 2021
Home News Reports Instead of fixing security issues on their website, Congress threatens legal action for pointing...

Instead of fixing security issues on their website, Congress threatens legal action for pointing out the vulnerabilities

Congress social media cell convenor claimed the success of the Join Congress Social Media campaign has rattled BJP and ‘their troll armies to the core’, accusing the person who had exposed the issue with their website to be a BJP troll.

Days after the Congress party was found leaking data of people applying to work in its social media cell, the party has decided to go after those who had pointed out the flaws in its website. The party has also claimed that there have been “illegal attempts” to access their data, the threatened stern legal actions against the “culprits”.

It was stated in a tweet by Saral Patel, the national convenor of the Social Media Department of the Congress party. He said that they have “identified the people involved, & will legal actions will be initiated shortly”.

Patel also claimed the success of the Join Congress Social Media campaign has rattled BJP and ‘their troll armies to the core’, accusing the person who had exposed the issue with their website to be a BJP troll.

Gaurav Pandhi, the National Coordinator oif the Digital Communications & Social Media cell of the Congress party also made similar claims. He said that attempts have been made to illegally access Congress party’s Social Media Campaign data, adding that it was old data limited to two states. He claimed that they have traced and identified the people behind the “hack”, and they are filing a legal complaint against them.

The incident relates to the data of people who had applied to work for the party, which was found to kept unprotected in a website created specifically for the ambitious project of recruiting 5 lakh social media warriors. One social media user who goes by the ID @rsgovin had exposed a serious vulnerability with the website, which allowed anyone to access the data of people who had filled the online form on the site to become a social media warrior. He had posted several screenshots, showing how the Congress IT cell failed to deploy any security measures on the site, which allowed the data of applicants to be publicly accessible.

He had showed how the all the details entered by applicants on the website, including their social media IDs, email IDs, addresses, mobile numbers, passwords, voter ID details and all other details were could be easily accesses without even required administrative access to the site. It was also revealed that the passwords are stored in plain text format. This means, if these details are obtained by anti-social elements, the social media and email accounts of some of the applicants also can be at risk, considering that many people use same password on multiple platforms.

Not just applicants, the website also kept the office bearers of social media cell, including those taking interviews for new applicants, in an unsafe manner, and @rsgovin was able to access their sensitive personal details also.

However, after caught keeping the personal and sensitive data on the applicants in an unsecure manner, now the Congress party has decided to go after the messenger, instead of fixing the problem. While the Congress social media national convenor claimed there were illegal attempts to access their data, the fact is, the data was kept unsafe on their website, and no hacking was needed to access the data.

The exposer @rsgovin just used some custom queries to download all the data. It does not require any backdoor entry, any hacking, use of any malicious malware to gain access to the website. In other words, the Congress party had kept the door unbolted, and when @rsgovin pointed that out, the party is falsely accusing him of breaking into the house.

It is also notable that while exposing the issue, @rsgovin masked the sensitive information of people on the screenshots, and asked the Congress party to fix the website. With this, he acted in a very responsible manner. He acted as an ethical hacker who test software programs to detect vulnerabilities. Major zero-day vulnerabilities are detected by such ethical hackers, and IT companies actually pay such people to find loopholes in their software, in order to make them secure. But instead of thanking @rsgovin for helping them in making their platform more secure, the Congress party is threatening legal action against him, labelling him a BJP troll.

  Support Us  

Whether NDTV or 'The Wire', they never have to worry about funds. In name of saving democracy, they get money from various sources. We need your support to fight them. Please contribute whatever you can afford

OpIndia Staffhttps://www.opindia.com
Staff reporter at OpIndia

Related Articles

Trending now

Twitter forces user to delete tweet highlighting Hindu victims of Godhra massacre, days after it refused to block fake news

Users have accused the platform of deliberately censoring posts that highlight the Hindu victims of the Godhra Massacre.

Andhra Pradesh: BJP alleges evangelists built a Christian cross-shaped structure at Hindu holy site, police ‘clarifies’, leaves crucial question unanswered

BJP leaders have alleged that the huge Christian Cross symbol was put up illegally in Guntur, Andhra Pradesh where Hindus believed Sita Maa's footprints existed

Special Prosecutor in Delhi Riots case shows court a Newslaundry article that created a false narrative against the investigation

Special Public Prosecutor slammed Newslaundry in court, said they reported false information under his name in Delhi riots reportage

Remember Agra kidnapping case where a girl was shrouded in Burqa? Here is why she planned the abduction herself

On Monday night, the police recovered the girl from a PG in Delhi's Tilak Nagar area. On being asked about the abduction, she claimed to have gone to Delhi to prepare for NEET examination.

Aamir Khan shelves Mahabharat amidst controversies because ‘now is not the right time’: Reports

Aamir Khan has shelved his 'Mahabharat' project amidst controversies because the 'timing' is not right, reports say.

Miami-based art collector sells 10-second video artwork for $6.6 million, brings focus on NFTs and the value of ‘digital assets’

NFT-authenticated 10-second video artwork by Beeple sold for $6.6 million and it made people wonder if NFTs are the next big thing in tech world.

Recently Popular

‘Inserted her hand claiming she was planting a tree’: LGBT activist Divya Dureja accused of sexual assault under pretext of shamanic ritual

A popular LGBT activist Divya Dureja has been accused of sexual assault by Elodie Gendron under pretext of a Shamanic ritual.

Aamir Khan shelves Mahabharat amidst controversies because ‘now is not the right time’: Reports

Aamir Khan has shelved his 'Mahabharat' project amidst controversies because the 'timing' is not right, reports say.

Sourav Ganguly may attend PM Modi’s Brigade Ground rally in Kolkata on 7th March: Local media

Sourav Ganguly may attend PM Modi's rally at Brigade Ground in Kolkata on March 7, according to reports in local media.

The Hindu ‘journalist’ Suhasini Haidar puts out misinformation about ISRO satellite launch: Read details

Suhasini Haidar, National Editor of 'The Hindu', put out false information on social media in attempt to mislead the public.

A woman molested, a father murdered, a Samajwadi Party leader accused: Here is all you need to know about the Hathras case

"Aatankwadi hain woh", Hathras victim Pooja exclaimed, expressing her angst against the SP leader for killing her father

Gujarat: Ahmedabad woman Ayesha commits suicide by jumping into Sabarmati River, last video message goes viral

A video has gone viral on social media where Ayesha, a young woman, can be heard announcing her decision to commit suicide.
- Advertisement -

 

Connect with us

253,190FansLike
521,375FollowersFollow
23,800SubscribersSubscribe