NEW DELHI: Hours after a French hacker's Twitter account pointed at a massive security breach on INC official App, the Congress party removed its app from Google Play Store.


COMMERCIAL BREAK
SCROLL TO CONTINUE READING

On Monday morning, the French hacker - Elliot Alderson (@fs0c131y) tweeted, “When you apply for membership in the official @INCIndia #android #app, your personal data are send encoded through a HTTP request to http:// membership.inc.in.”


The Twitter handle added that the encryption for the app which collects membership data is encoded through HTTP (unsecured) and not HTTPS (secured), adding that it's easier to decode the personal data "encoded with base 64".


 



Later, Alderson tweeted, “Did @INCIndia removed their #android #app from the PlayStore just before my tweet?”


Immediately after, BJP's IT cell chief Amit Malviya attacked Congress, “Rahul Gandhi gave a call to #DeleteNaMoApp, but Congress deleted its own App from the App store after they were called out. What is the Congress party hiding?”


Entering damage control mode, Divya Spandana, Congress' Social Media and Digital Communications head, said, “Clarification: We don’t drive membership through the app, it’s done through our website http:// www.inc.in Servers for these are based in Mumbai. As you may have noticed, the link on the app is broken.” 


To this, Malviya tweeted:



A day ago, the same hacker had claimed that official Narendra Modi app or NaMo App downloaded over five million times on Android alone, sent user data to an American firm without user's consent. 


The allegations sparked a furore on social media, with both BJP and Congress launching into tirades against each other.