A former Whangarei Boys' High pupil who describes himself as a "hobby hacker" has exposed security flaws in the National Party's website.
Josh Brodie, formerly of Whangarei but now living in Wellington, said his discovery left Prime Minister John Key open to accusations of "throwing 'Labour left the security off' stones from within a glass house".
Dirty Politics, a book by investigative journalist Nicky Hager, said senior National Party staffer Jason Ede and blogger Cameron Slater had accessed information from a poorly secured Labour Party computer system.
Mr Key defended their actions, saying it was not hacking because the site's security had been "left off". He compared it to the All Blacks taking a peek at the Wallabies' starting line-up if they had left it unsecured on a private website. However, Mr Brodie said his investigation of political party websites had found private information on National's members-only site was also unsecured.
The security flaw, while not on the same scale as Labour leaving its donor database open, allowed anyone to view or download photos of the 600-700 party members who had added profile pictures to their online accounts.