Conservative Party accidentally leak MPs' and journalists' phone numbers through its conference app

Sign up for the View from Westminster email for expert analysis straight to your inbox

Get our free View from Westminster email

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

The Conservative Party has accidentally revealed personal details of senior cabinet ministers, MPs and prominent journalists in a major security breach on its official conference app.

The data watchdog is investigating the system flaw which allowed anyone to access mobile numbers, email addresses and private data belonging to conference attendees, simply by logging in using someone’s email address.

Some social media users accessed Boris Johnson’s profile, which provided them with the former foreign secretary’s phone number, while others reportedly posted pornography as his profile picture.

Private data for environment secretary Michael Gove and Gavin Williamson, the defence secretary, was also among the information made public in the breach, which emerged ahead of the annual Conservative Party conference in Birmingham tomorrow.

The blunder could leave the Tories open to being fined and an investigation by the Information Commissioner’s Office (ICO).

An ICO spokesperson said: “We are aware of an incident involving a Conservative Party conference app and we will be making enquiries with the Conservative Party.

“Organisations have a legal duty to keep personal data safe and secure. Under the GDPR they must notify the ICO within 72 hours of becoming aware of a personal data breach, if it could pose a risk to people’s rights and freedoms.”

Labour immediately seized on the gaffe as an example of how the government could not be trusted to keep the country safe.

Jon Trickett, shadow Cabinet Office minister, said: “How can we trust this Tory government with our country’s security when they can’t even build a conference app that keeps the data of their members, MPs and others attending safe and secure?

“The Conservative Party should roll out some basic computer security training to get their house in order.”

Momentum, the grassroots Labour supporters organisation, accused the Tories of being “staggeringly incompetent”.

A spokesperson said: “Our conference app was built by a team of volunteers for next to no money, and I’m sure they’d be happy to give the Tories a few tips for next year.”

The app, created by an Australian firm called Crown Comms, was updated and the login function removed after concerns were raised with the party.

A Conservative spokesman said: “The technical issue has been resolved and the app is now functioning securely.

“We are investigating the issue further and apologise for any concern caused.”