During a live video stream of the ballot result, a representative of TrueBallot shared their screen, which displayed an internet URL in the address bar of their web browser. A flight attendant watching the stream copied the URL into their own computer and discovered that the link took them to an unsecured database of the vote.

The flight attendant was able to view the name of everyone who had voted and what ballot they had cast, alongside their email address. The database could even be edited, and ballots could be added and deleted.

“The vendor, TrueBallot, admitted to the executive board, board of election and our attorneys that their system was unsecured, leaving it open to vulnerabilities,” explained the union president Lyn Montgomery in a video message to flight attendants.

How do these people still have jobs