ZEC Website Login Details Exposed
The elections agency takes down website to fix the bugs
ZEC Tech department are sleeping on the job. Pachedu managed to access ZEC website administrators's login details.
ZEC knows nothing about IT security.
While checking ZEC's new website, our cyber experts found unsecured admin login details.
Admin 1: cganyele
Admin 2: zakiyo
The first one is for ZEC's ICT and Voters Roll Director, Mr. Cephas Ganyele.
Can we login @mangwana_jasper?@ZECzim
— Team Pachedu (@PacheduZW) November 13, 2022
The exposé brings to light the level of incompetence at the commission.
ZEC's website is now down as they are now trying to find the bugs, but unfortunate for ZEC, we will expose more soon after they switch on.
Our word for ZEC:
Stop using IT security as an excuse for not releasing the voters' roll, when you know nothing about IT security.@ZECzim
— Team Pachedu (@PacheduZW) November 13, 2022
According to Pachedu, ZEC were using a pirated WordPress theme. Pirated themes are not safe for such an important organisation handling sensitive information.
The new https://t.co/xaoHAUpWGZ site was developed using an old pirated WordPress theme, Consultio 2.8.0.
This is a major security risk for a Government institute, as pirated themes often come riddled with bugs, malware & outdated plugins.
Any comment @mangwana_jasper?@envato pic.twitter.com/qGvyJzUplN
— Team Pachedu (@PacheduZW) November 13, 2022
Under normal circumstances, heads would roll at ZEC but the entity is just as inept as other government institutions.
