WASHINGTON (AP) — Another computer-security firm raised concerns Monday about the potential for hackers to glean users’ personal data from phone apps released by the campaigns of Republican presidential contenders Ted Cruz and John Kasich.
An independent analysis by Symantec determined that the “Cruz Crew” phone app could allow third parties to capture a phone’s unique identifying number and other personal information. The company said the Kasich 2016 app could expose users’ location data and information about other apps installed on the phones.
Symantec’s analysis used a test that collects unencrypted data being transmitted from phones running the campaigns’ apps.
The Associated Press first reported on potential vulnerabilities in March after the computer-security firm Veracode performed detailed reviews of phone apps released by presidential campaigns from both parties. The Cruz campaign updated its app to resolve some issues, while Kasich spokesman Rob Nichols said the security experts didn’t know what they were talking about.
The Cruz and Kasich campaigns did not respond Monday to messages seeking a response to Symantec’s analysis.
Neither firm found suspect code in the app released by the campaign of Democrat Bernie Sanders. The campaigns of Republican Donald Trump and Democrat Hillary Clinton have not released their own apps.
The AP previously reported that the “Cruz Crew” app is designed to gather detailed information from users’ phones — tracking their physical movements and harvesting the names and contact information of friends. That information and more is then fed into a vast database containing intimate details about nearly every adult in the United States to build psychological profiles that target individual voters determined to be likely Cruz supporters.
The Cruz campaign said the app’s users voluntarily share their personal data, and how that information is collected and shared is detailed in legal disclosures available online.
Follow Michael Biesecker on Twitter at http://twitter.com/mbieseck