back to article Political ad campaign biz AggregateIQ exposes tools, DB logins online

AggregateIQ – a Canadian political advertising firm that played a role in the 2016 US election and the UK's "Vote Leave" Brexit campaign – left its applications and database credentials publicly accessible, security firm Upguard said on Monday. There's no evidence that the exposed code or data was taken. Nor is there evidence …

  1. thames
    Black Helicopters

    Let's all "hack" each others elections.

    So everybody is "hacking" everybody else's election. A British company "hacked" the US election. A Canadian company "hacked" the UK referendum. Not in the story was news reported a couple of years ago that a US organisation "hacked" the Canadian election before all this. It sounds like the Russians are a bit late to the game.

    1. Steve Aubrey

      Re: Let's all "hack" each others elections.

      "It sounds like the Russians are a bit late to the game."

      And that is exactly what they want you to think. Levels upon levels . . .

    2. Mark 85

      Re: Let's all "hack" each others elections.

      More like 1984... "Under the spreading chestnut tree I sold you and you sold me," .

    3. Anonymous Coward
      Anonymous Coward

      Re: Let's all "hack" each others elections.

      @ thames

      It was Ruskies all the way down ;)

  2. Anonymous Coward
    Anonymous Coward

    Nobody cares, until they're told to.

    Countries have been interfering with the leadership selection of other countries going back, oh, say, forever. Hell, the head of the American CIA openly bragged about helping to put Yeltsin in power in Russia on national television. This stuff goes on constantly, and while I understand that anything leading to the Cheeto Führer's ascension causes consternation it's just another case of extremely selective outrage. Hell, the frigging CEO of Google - Eric Schmidt - was working for both the Obama and Clinton campaigns and nobody outside of the Republican Party cared even a little (and both of those campaigns made quite a deal about their social media manipulation savvy). It's hard to see this as anything other than another case of "It's only bad when people I don't like do it," and while people are entitled to that position they should expect a little bit of ridicule along with it.

    Another thing - nobody involved on either side cares if it's ethical, and they barely care if it's legal. They do care about potential costs and whether or not they can stir up a nice pot of outrage. That's all. Politics is an ugly, dirty business and that won't change in any of our lifetimes. They're all disgusting shtbags, and while you are entitled to support or adore the shitbag of your choice, please don't pretend they're not a shitbag because it's embarrassing to watch. Get over it and Move On.

    1. Cavehomme_

      Re: Nobody cares, until they're told to.

      Exactly that! You’ve hit the nail on the head.

    2. Anonymous Coward
      Anonymous Coward

      Re: Nobody cares, until they're told to.

      The only reason people care now is because the two elections involved (Trump/Brexit) were 50/50 or there about so the importance of this type of fixing becomes relevant especially to the losing side in an attempt to change what has already happened. In regard of Brexit I have been counting down to a second referendum since the result was published however unless there is a massive shift in regard of how it is reported and how the EU negotiate they might as well not bother but that's probably intentional.

      1. Clunking Fist

        Re: Nobody cares, until they're told to.

        "The only reason people care now is because the two elections involved (Trump/Brexit) were 50/50"

        So the Clinton campaign and Vote Remain did nothing similar?

        I have a nice bridge here...

  3. elDog

    I'd rather see boob pictures, please

    All this stuff about hacking makes my head hurt. I don't really care - I have nothing to hide.

    Now, where are the pictures of Stormy Daniels (or Christine Keeler?)

  4. JakeMS
    FAIL

    Jesus Christ

    This is just sheer incompetence! They left their code and database logins openly accessible to the world by accident?!

    How does that even happen? You would literally have to not think about security or take it into account what-so-ever for that to happen.

    This is the sort of mistake which should NOT happen!

    1. Philip Stott

      Re: Jesus Christ

      I’m working on the hypothesis that this was a deliberate accident.

      1. Loyal Commenter Silver badge

        Re: Jesus Christ

        I’m working on the hypothesis that this was a deliberate accident.

        This was my thinking too. Plausible deniability, brown envelopes stuffed with cash, and mysterious acquisition of data by newly set up and completely unrelated companies (probably in different jurisdictions) that just happen to share executives / investors.

    2. Flocke Kroes Silver badge

      Re: mistake which should not happen

      A conversation like this takes place a dozen times per day:

      PFY: I have done the minimum necessary to get that github repository working. This is the first time I have set up github. I should spend some more time reading the documentation to ensure it is configured as you want.

      PHB: Waste of time. Move on to the next item on your to-do list.

    3. Anonymous Coward
      Anonymous Coward

      Re: Jesus Christ

      1. Outsourced technical services.

      2. Low paid staff, generally means poorly skilled.

      3. Probably not training staff either.

      4. No testing done, realistically probably never been signed off by anyone at any point.

      5. Did they even know it was there? Why wasn't it internally hosted?

      6. Senior management wanted it done NOW and so IT did it straight away.

  5. Anonymous Coward
    Anonymous Coward

    This is the REAL reason..

    ..why governments are trying to pass laws that would make accessing unprotected "clouds" by security researchers illegal.

  6. unwarranted triumphalism

    Look, it says it didn't knowingly break the law. So that's ok then. Why all the big fuss?

  7. Anonymous Coward
    Anonymous Coward

    Why AggregateIQ? The evening post printed a picture with an employee of Cambridge sat in on a Leave.EU conference and the former CEO brags about number of people he got to their facebook pages, 3,000 more a day back in February last year, is this one of those throw you off the scent type ruses?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like