A staffer on the Bernie Sanders campaign was able to improperly access Hillary Clinton voter data due to a security glitch on the Democratic National Committee’s system, setting off alarm bells at the Democratic Party’s headquarters.
In response, the DNC has cut off the Sanders campaign from accessing key national party voter data, a potentially major setback for the campaign a little more than a month before the Iowa caucuses. And the DNC is itself ordering an audit of its system, a party official said.
The Sanders campaign said that it had fired the staffer who improperly accessed the data.
“After discussion with the DNC it became clear that one of our staffers accessed some modeling data from another campaign,” spokesman Michael Briggs said in a statement. “That behavior is unacceptable and that staffer was immediately fired.”
The DNC official said that the glitch in its voter data did not expose any information to the general public and was only vulnerable to secure users for three hours. The glitch, the official said, was due to a brief software patch by the vendor, NGP VAN.
NGP VAN did not immediately respond to a request for comment.
“The DNC places a high priority on maintaining the security of our system and protecting the data on it. We are working with our campaigns and the vendor to have full clarity on the extent of the breach,” said DNC communications director Luis Miranda.
The Washington Post first reported that the Sanders campaign accessed Clinton data.
The Democratic Party is responsible for maintaining a crucial file of voters that can be mined by presidential campaigns, as well as state and local parties in elections, allowing candidates to target voters and vastly increase turnout. It is one of the party’s key roles, and has historically given the Democrats an important advantage over Republicans.
The campaign’s access to Clinton’s data raises questions about the security of the DNC’s software and the strength of the firewall between the Democratic campaigns’ data. The NGP VAN software is used by a wide variety of groups, including labor unions, nonprofits and others.
The Sanders campaign said that it had raised a red flag with the DNC “months ago,” telling the party that campaign data was made accessible to other presidential campaigns.
“Sadly, the vendor who runs the DNC’s voter file program continues to make serious errors. On more than one occasion, the vendor has dropped the firewall between the data of different Democratic campaigns,” said Briggs. “We are working with the DNC and the vendor and hope that this kind of lapse will not occur again.”
The DNC official said the data was only available to secure users, and only for a brief interval. The Sanders’ campaign access to the data is suspended until the DNC receives a full explanation and is assured all improperly accessed data was disposed of.
Miranda said NGP VAN was conducting an audit, and that the DNC is considering an additional outside audit.
“The DNC immediately directed NGP VAN to conduct a thorough analysis to identify any users who accessed the data, what actions they took in the system, and to report on the findings to the Party and any affected campaign,” Miranda said.
This piece was originally published in TIME.