A recent research found gaping security holes in several SuperPAC public websites that may expose personal information of donors and other sensitive data. These vulnerabilities range from weak or nonsexist encryption and open ports to old and outdated server platforms. Security firm UpGuard assessed the security posture of top SuperPACs actives in the 2016 US election, and found that most of them could reach the average level of security. SuperPACs do not store payment information, but they keep donors’ personal information. Exposing donors’ identifies is a great issue because the purpose of these organizations is to hide who’s giving money. The main vulnerabilities are due to lack of encryption, no email authentication to avoid phishing scams, open SQL ports, and no DNSSEC adoption.