Thursday, May 2, 2024

Think Tank Accidentally Exposes Personal Info. From Job Applicants

Here is more from the Washington Free Beacon:

The right-wing group that leads a recruitment effort for Capitol Hill offices and allied nonprofits, the Conservative Partnership Institute (CPI), has for months left exposed the sensitive personal information of applicants to its online "jobs bank," the Washington Free Beacon found, including members of the U.S. intelligence community, congressional aides, former Trump administration officials, and campaign operatives.

Led by former Heritage Foundation president Jim DeMint and one of his former aides, Ed Corrigan, as well as by former Trump chief of staff Mark Meadows, who the New York Times reported is paid $847,000 to serve as the organization's "senior partner," the Conservative Partnership Institute has exposed the social security numbers, home addresses, private client names, and other personal details of over 1,500 job applicants, including several who hold the highest level security clearance—known as a top secret/sensitive compartmented information (TS/SCI) clearance—in a public online storage system on an Amazon cloud. With basic web-scraping software, the records can be viewed by anyone, including America’s foreign adversaries.


The news site notes that the records were stored in open Amazon S3 buckets, which are publicly accessible unless the owner takes steps to make them private.