https://io9.gizmodo.com/sdcc-halts-eisner-awards-voting-due-to-weird-security-s-1844081497
By Charles Pulliam-Moore
io9.gizmodo.com
June 18, 2020
The ongoing novel coronavirus pandemic forced San Diego Comic-Con to go
entirely digital this year. But voting for the annual Eisner Awards was
meant to go rather smoothly as people could participate through an online
portal put together with SDCC’s organizers. Just as the deadline for
voting was seemingly extended, however, a number of people realized
something was amiss with their accounts.
At some point this week, a number of Eisner voters—creators, comic book
store owners/managers, librarians, and historians—who’d previously cast
their ballots logged back into the portal to find, in some cases, that
they were somehow pushed into someone else’s account. Others, in instances
where they were able to get into their own accounts, found their ballots
had been altered, presumably by someone who managed to gain access to
their account at another time.
Though people having their votes changed against their will is bad enough,
the more pressing matter is that each Eisner voting account contained
sensitive information of the original owner. That means that if someone
else gained access to the account, they would potentially have access to
addresses and phone numbers, something that could pose a huge security
problem.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
