• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • March 6th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

Donald Trump’s Website Caught Leaking Intern Résumé Files

September 22nd, 2016 Carolina Security 0 comments
Donald Trump’s Website Caught Leaking Intern Résumé Files
Share on FacebookShare on Twitter

The American Presidential candidate Donald Trump is known for his frequent use of social media or sometimes security breaches that take place on his hotel’s servers and election campaign website. Now, his official website is found leaking personal data related to those who applied for the internship at his election campaign.

Information leaks from Trump’s asset repository

Chris Vickery, a security researcher from Mackeeper, was the one to discover this issue which has led to the security team of Trump’s campaign to get more cautious than it usually is. Although the information leaks were related to the resumes of interns who have expressed interest in working for Trump’s campaigns and as such are not that critical, it still shows the disregard that the business magnate has for such matters.

A closer look at the incident

Vickery explained that the resumes have been found on Amazon’s cloud server and that the website itself was badly configured. The misconfiguration allowed Vickery to access the asset repository in which the resumes of the interns were stored. The actual lead that helped Vickery realize the weakness was the fact there was code 301 error rather than a 401 denial. This made him curious and thereby stumbling upon the folder containing resumes after playing a bit with the website.

Must Read: Someone Hacked A Freeway Sign To Display Pro-Donald Trump Message

“After discovering this asset server’s existence, and my URL fuzzer being met with code 301 redirects instead of code 403 denials, I started digging. Because directory listing was disabled, there was no easy way to enumerate folder names within the asset bucket. I was running through a small dictionary of common folder names when I got a hit on a folder named ‘résumés’,” according to Vickery’s blogpost.

donald-trumps-website-caught-leaking-intern-resume-files-2

Vickery shared one of the resume files he downloaded from Trump’s website / Image Source: MacKeeper

The breach is not uncommon in such cases where the website has been badly misconfigured. It only takes an attacker or two who have the skills to breach the security and the make the security team realizes that their mishap can lead bigger problems. Not to mention that we are talking about a team who works for someone who can be the next president of the United States.

Although, the information that was accessed only related the names, employment history and other things that one finds on a resume. Vickery told that he had stopped playing with the website, otherwise he might have got some more serious information. This time, it was perhaps to warn the security guys of Trump’s campaign to pay more attention to what they do before they get fired ruthlessly.

“Sucks that it was up for who knows how long, but my info is already in the hands of about every telemarketer and spam emailer in the world, Vickery told MotherBoard.”

[fullsquaread][/fullsquaread]

Related: Donald Trump’s Website Hacked with Jon Stewart Tribute

Reaction of the victims

One of the interns who was made aware that his information has been leaked as such simply stated that he is not too surprised as he has given away resumes to perhaps a number of spammers and other online marketers for that matter.

Trump – the usual target

The breach may not be the first of its kind as previously too, Trump has been the victim of various hacks with the most recent one being by Anonymous and other hackers who got hold of this payment information.

As of now, the breach is typical for someone who cares mostly about business. However, let’s just say that if Trump gets elected, his people better get more serious about security or who knows what can happen.

[src src=”Source” url=”https://mackeeper.com/blog/post/272-trump-website-leak”]MacKeeper[/src]

[src src=”Image Source” url=”https://www.flickr.com/photos/80038275@N00/17008539407″]/Michael Vadon/Flickr[/src]

Did you enjoy reading this article? Kindly do like our page on Facebook, follow us on Twitter and Google + and help us grow.

Suggest ideas, report typos and corrections to admin@hackread.com

  • Tags
  • Donald Trump
  • Elections
  • hacking
  • internet
  • Privacy
  • security
  • USA
Facebook Twitter LinkedIn Pinterest
Previous article Black Team's tool 'RAUM' is infecting torrent users with malware
Next article Yahoo to announce breach of more than 200 million user accounts
Carolina

Carolina

Carolina works for HackRead as a technical writer. She is a Brazilian traveller who has been to almost every country around the world. She has a keen interest in technology, gadgets and social media.

Related Posts
Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

IT Security firm Qualys extorted by Clop gang after data breach

IT Security firm Qualys extorted by Clop gang after data breach

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Microsoft, FireEye report 3 new malware linked to SolarWinds hackers
Cyber Attacks

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Threat actors hijacking Bitbucket and Docker Hub for Monero mining
Security

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

Top Russian hacker forums Maza, Verified hacked; data leaked online
Hacking News

Top Russian hacker forums Maza, Verified hacked; data leaked online

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us