- Seattle socialist: Minimum-wage discussion skewed by ‘right-wing’ GAO analysis
- U.N. warns of Muslim ‘cleansing’ in Central African Republic
- Senate blocks change to military sex assault cases
- Drug mix may have cured child born with HIV, doctors say
- De Blasio’s wife irks former mansion chef with ‘servant’ remark
- Russia’s neighbors shiver amid Putin’s Cold War moves in Ukraine
- New SAT: The essay portion is to become optional
- Military group can’t march to honor the fallen at Boston Marathon due to security changes
- Senate passes bills deleting ‘retarded’ from laws
- China announces biggest military hike in 3 years: We are not ‘boy scouts with spears’
Romney super PAC donors put at credit card risk
Online security called lacking
The political fund that has raised more than $50 million to support Mitt Romney’s bid for the presidency has been collecting money online with a system so insecure that it exposes donors’ credit card information to even casual snoopers.
Computer-security specialists say that using such low-tech systems can violate laws and that the group should notify anyone who has donated.
Restore Our Future, the super PAC helmed by former top Romney campaign officials that runs ads attacking the former Massachusetts governor’s opponents, has for months been accepting credit card information without any type of security, leaving the card numbers easily accessible.
“Quite frankly, the lack of credit card data protection on the site is unconscionable, and there is no excuse for it,” said Diana Kelley, an analyst at the technology firm SecurityCurve, which reviewed the site. “They should stop taking card data until the problem is remediated and should notify their donors that their card numbers were at risk and may have been compromised.”
The lack of basic, standard methods for dealing with personal information means anyone on the same wireless network could effortlessly record a donor’s credit card number as it is submitted. The numbers also could be stored in the browser, and people could later use the publicly available donor lists to target contributors with a solicitation that would unknowingly cause the information to be sent to them.
It also could indicate deeper problems that could jeopardize the financial information of some of the wealthiest men in America, technologists said.
“This is pretty bad. It’s very unprofessional. And if a developer doesn’t know how to provide SSL security, it’s probably a safe bet that his server isn’t storing donors’ credit card information in a secure way, either. You’d be a fool to donate money through this form,” said Tom Lee, a computer programmer at the Sunlight Foundation, which studies money in politics.
SSL security is a protocol known as “secure socket layer” for encrypting information over the Internet.
Told of the security hole Wednesday, Restore Our Future spokeswoman Brittany Gross did not express concern and would not say how many have given to the campaign via credit cards.
Late Thursday, Restore Our Future issued a written statement saying: “Because we will be targeted by hackers based on your story, we made the switchover today.” It added a secured donation page and left the old one intact. Ms. Gross did not say that the group would notify those affected.
The surprisingly amateur digital public face of the group that has had an enormous influence on the presidential campaign is telling about the nature of super PACs. While the presidential candidates bombard email lists with daily pleas for donations, the idea that a casual Romney supporter might be stirred to send money to the PAC seemed almost an afterthought.
Its donors are largely wealthy Romney supporters who have behind-the-scenes connections with political operatives. The super PACS can support a candidate as long as they do not coordinate with his official campaign.
The lack of a polished presence on the Web — its main pro-Romney pitch is titled “sample-page” — highlights broader absences. The super PAC has no office or phone number. No staffers appear on its payroll. A money machine for television ads, it deals in the millions of dollars with almost no organizational presence and often pays it out not to the actual recipient of the money, but to corporations designed as conduits.
For his efforts in wooing donors, former Romney aide Steve C. Roche recently paid himself an $800,000 “fundraising commission” — through a payment to “Podium Capital Group” at a post office box.
The maker of the super PAC’s website says it will create similar sites in as little as one day and for as little as $500, but disclosures in which political committees must detail how they spend their money also list no payments to that company.
© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.
About the Author
Luke Rosiak is a projects reporter on The Washington Times’ investigative team. He formerly covered lobbying and campaign finance for two watchdog groups as well as transportation for The Washington Post. Luke can be reached at firstname.lastname@example.org.
- Md. couple indicted in scheme to cheat SBA on minority contracts
- As federal agencies trim fat, contracts feed billions in profits to 59 companies
- Conflict of interest in $4 billion government minority program
- $4 billion program for disadvantaged businesses lacks oversight
- Maryland's minority-contracting program gets failing grade on 'graduation'
Latest Blog Entries
TWT Video Picks
By Tammy Bruce
- Bill Clinton cashes in on struggling nonprofit hospital
- Putin has transformed Russian army into a lean, mean fighting machine
- Aronofsky's 'Noah' banned in Qatar, Bahrain, United Arab Emirates
- Christine O'Donnell eager to re-engage in political debate
- Kim Jong-un calls for execution of 33 Christians
- Bill Clinton poses for photo with Bunny Ranch prostitutes
- DELAY: A revolution for the Constitution
- PRUDEN: Likening Putin to Hitler on Ukraine shows Hillary's shaky grasp of history
- Back to the Future: HUVr Tech marketing video goes viral with hoverboard release tease
- Russias Putin nominated for Nobel Peace Prize
Pope Francis meets his 'mini-me'
Celebrity deaths in 2014
Winter storm hits states — again