Monday 24 October 2016

Buzzfeed used Jeremy Corbyn’s new website to send a resignation letter from Jeremy Corbyn

Published 09/10/2015 | 13:23

New Labour party leader Jeremy Corbyn
New Labour party leader Jeremy Corbyn

Buzzfeed News discovered a pretty big security flaw in Labour leader Jeremy Corbyn’s new website for the 'People's Movement' grassroots campaign.

  • Go To

The website allows you to send an email to anyone and asks you to enter your email as the address it will show as 'sent from'.

However, a lack of verification checks mean that users can enter in anyone's address - and politicians emails are public information.

Buzzfeed reported Siraj Datoo edited the provided email text to read: "Dear Siraj, I just wanted to let you know that after a successful launch of Momentum, I have decided to step down as leader. Yours, Jeremy".

He then sent the email to himself to test his theory, entering the 'sent from' address as Corbyn's official email -

While the subject line remains 'People's Momentum', Datoo points out that allowing the rest of the fields to be edited without checks could make it very easy for phishers and online fraudsters to send emails pretending to be someone else.

The emails entered - of both parties - will also be saved to the website. The privacy policy of the website has been updated to reflect this.

A spokesperson for the 'People's Momentum' told Buzzfeed they would "look into" the page with their tech engineers.

Online Editors

Read More

Promoted articles

Editors Choice

Also in Entertainment