On Saturday 29th September at around 1350 UK time we were made aware that a small number of attendee profiles were fraudulently accessed on the app that we are providing for the Conservative Party Conference.
An error meant that a third party in possession of a conference attendee’s email address was able, without further authentication, to potentially see data which the attendee had not wished to share – name, email address, phone number, job title and photo.
The error was rectified within 30 minutes. It is likely that it affected a very small proportion of attendees and we are working with the Conservative Party to ensure any potentially affected attendees are notified. We will also be reporting this to the ICO and reviewing and amending our Data Policies. We apologise unreservedly to the Conservative Party and their attendees.