Typeform Breach Update: Political Parties TEC, ARM, And UK’s LibDems Affected

The Typeform data breach that shook the internet world last week now appears much more shocking and far-reaching then initially speculated. At that time, Typeform did not clearly mention the affected customers. Rather it summed up by saying that it is notifying the affected customers directly. However, the recent reports and repeated confessions about data breach from a number of organizations give us a hint of the Typeform’s victimized clientele. In this Typeform breach update, we report the data breaches faced by various political parties.

Tasmanian Electoral Commission Confessed Immediately After Typeform Breach

One of the initial entities that confirmed data breach right after the news about Typeform breach surfaced online, is the Tasmanian Electoral Commission (TEC). After receiving the notification from Typeform, they quickly published a media release about the incident.

As stated in it,

“Typeform’s full investigation of the breach identified that data collected through 5 forms on the TEC website had been stolen.”

TEC used Typeform’s forms for ‘election services’ for the past three years. The breached data includes electors’ names, email addresses, date of birth, and enrolment addresses. TEC committed to informing the affected electors about the breach.

UK’s Liberal Democrat Party Also Hit By Typeform Data Breach

On July 2, 2018, three days after the Typeform data breach, Britain’s Liberal Democrats Party also confirmed in a post on its website about the data compromise. They also ‘voluntarily’ reported the matter to ICO. As explained in the statement,

“Typeform have informed us that an external hacker managed to get unauthorized access to one of our recent Member Experience Survey and downloaded the results.”

The information accessed by the hackers includes names, email addresses, and political opinions. So the party warns everyone to be wary of phishing or spam emails. Yet they confirm the breached data included no financial information.

“We are in communication with Typeform and will be re-evaluating our relationship with them in light of this incident. We take the security of your data seriously and if we are not satisfied that sufficient steps have been taken to secure your data, we will terminate our relationship with Typeform,” reads their press release.

Moreover, they have also informed those affected by the incident via email.

Australian Republic Movement Also Confirmed Data Breach

After Tasmania and UK, the next political party affected by the Typeform data hack is Australia’s Republic Movement. Like the other two, they have also released an official statement on their website after being notified by Typeform regarding the incident.

“We are very sorry this has happened,” reads the ARM statement. “We chose a leading provider for the form service and the breach that’s occurred is not acceptable to us.”

Following the mandatory regulations, ARM too informed the affected users via separate emails. They confirm the safety of financial details and also confirm the security of ‘ARM’s own data’ stored privately. Moreover, they further state that they will review their relationship with Typeform for future campaign activities.

It is important to note here that all the three victims reported above belong to separate regions of the world. This shows how gigantic Typeform’s clientele is. However, with the repeated instances of ending relationships with Typeform by victim entities, one can certainly speculate the extent of loss faced by Typeform after the breach.

Let us know your thoughts in the comments section.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients