Norm Coleman’s Donor Database Exposed; Campaign Claims Political Motives
Former Sen. Norm Coleman (WDCpix)
In late January, accusations started flying that former Sen. Norm Coleman’s (R-Minn.) campaign had concocted a story that its Website had crashed after a torrent of visitors flooded it seeking information on whether they were among voters whose votes weren’t counted in the still-undecided Senate race between Coleman and Democrat Al Franken. The campaign’s claim of a voter surge was discredited, though not definitively disproven, by IT professionals who poked holes in the assertion. But the scrutiny of this web-savvy crowd revealed something much bigger. They discovered an unprotected database on Coleman’s Website that contained sensitive information about nearly 5,000 of Coleman’s donors. Credit card numbers, card security codes, home addresses, e-mails, the works.
The story went dormant shortly thereafter, only to return with a vengeance this week: On Wednesday, Wikileaks.org published a version of the database contents — sans full credit card numbers — apparently as a way of calling out the fact the campaign had failed to tell donors their data had been compromised, as Minnesota statute dictates.
In response to news of Wikileaks’ actions, which came in the form of two spreadsheets filled with information on supporters and donors, Coleman’s campaign fell short of apologizing, but placed blame in various places, calling it a “political dirty trick,” the work of hackers and, from Coleman himself, “a chilling, scary … attack on this campaign.”
What Team Coleman isn’t keen to admit is that, according to IT and web-security professionals interviewed by The Minnesota Independent and other media outlets, the site wasn’t hacked. Minneapolis-based IT consultant Adria Richards, who first discovered the database Jan. 28, said she needed no hacker tools to access the site. She used her Firefox browser and OpenDNS.com’s cache-check tool to detect the database. She didn’t download the compressed file, which unstuffed contained 4.3 gigabytes of data. But she took a screen shot of the web site directory and posted it on her Flickr site.
“It’s like I walked over to Norm Coleman’s house and saw his door was open, took a photo of the open door and posted it on the Internet,” she told The Minnesota Independent.
Wikileaks issued a statement that the data breach was the “result of sloppy handling by the campaign,” but Coleman attorney Fritz Knaak framed the issue as a political attack. He issued a statement Wednesday that read, in part:
The purpose or motive behind this attack is not clear. However, as we are engaged in a critical legal contest in the Minnesota courts that has a national impact on the make-up of the United States Senate, it should be abundantly obvious that this situation is extremely serious.
Follow developments on this story at The Minnesota Independent.
Paul Schmelzer is the editor of The Minnesota Independent.