Campaign Gaffe: How a Voter Contact App Exposed Credentials and Code

A code repository including access credentials for Campaign Sidekick, a Republican voter contact and survey app, has been secured by UpGuard. The repository was hosted on Campaign Sidekick’s primary website and was open to public access due to misconfiguration of the “.git” directory. The exposed repository also contained credentials for accessing management software and servers of another US elections-related company, Voter Gravity.