Cybersecurity & Standards, Government Surveillance
Clinton and Sanders are fighting about data because campaigns are bad at protecting it
Verge:
This week saw the first data breach of the 2016 campaign. Last night, BuzzFeed News reported that one of Bernie Sanders’ staffers accessed confidential information from Hillary Clinton’s campaign, made possible by a larger security failure by a third-party vendor. It’s still unclear how many staffers saw the data — the Sanders campaign says only one, while the Democratic National Committee says as many as four — but it doesn’t seem to have traveled farther than those staffers. Still, the consequences have been dire. Since the news came to light, the DNC has barred Sanders from accessing its records until the matter is resolved, hobbling the campaign.
As breaches go, it’s relatively mild — none of the data was publicly released — but it shows that the ability of campaigns to protect data hasn’t kept pace with their use of it. The Clinton breach was only possible because of a poor software patching process by a third-party database operator, hired by the DNC. Once the data was exposed, the Sanders campaign either didn’t realize how serious the breach would be taken or how easily it could be caught. In either case, the root of the scandal comes down to political organizations with massive stores of sensitive data and none of the sense required to safeguard it.
…
“They don’t have the proper incentives to protect this data,” Joseph Hall, chief technologist at the Center for Democracy and Technology, told The Verge. “It’s very clear that, just like you saw with Target and Home Depot, security is not their primary concern.”
