The Southwest Airlines flight attendant union will rerun a ballot of its members over a new tentative contract after a number of vulnerabilities were discovered in the voting system, meaning the union can no longer trust the result. Last week, the TWU 556 union announced that its members had resoundingly rejected the proposed contract, with…
During a live video stream of the ballot result, a representative of TrueBallot shared their screen, which displayed an internet URL in the address bar of their web browser. A flight attendant watching the stream copied the URL into their own computer and discovered that the link took them to an unsecured database of the vote.
The flight attendant was able to view the name of everyone who had voted and what ballot they had cast, alongside their email address. The database could even be edited, and ballots could be added and deleted.
TrueBallot had literally one job there. It’s not even that hard to provide a secure balloting system for 10k people.
TrueBallot had literally one job there. It’s not even that hard to provide a secure balloting system for 10k people.