After slamming his rival Senator Hillary Clinton in the presidential race for using private email servers for official correspondence, it’s now come to light that Donald Trump’s inboxes aren’t up to scratch either.

Sifting through publicly available records and information, security researcher Kevin Beaumont found that the Trump Organization’s mail servers for its hotels and other businesses run on an outdated version of Microsoft Windows Server software that’s no longer supported and offers minimal security as compared to more recently released options, reports Motherboard.

Quick update on Trump corp email servers – all internet accessible, single factor auth, no MDM, Win2003, no security patching. pic.twitter.com/nIMTa9UmdL — Kevin Beaumont (@GossiTheDog) October 17, 2016

Beaumont noted that Trump’s company is using an unpatched version of Windows Server 2003 with Internet Information Server 6, which may leave the organization vulnerable to hackers. It could hurt users too, as the setup doesn’t support two-factor authentication for increased security while logging in.

A statement from the Trump Organization spokesperson didn’t seem to clear things up much:

The Trump Organization deploys best in class firewall and anti-vulnerability technology with constant 24/7 monitoring. Our infrastructure is vast and leverages multiple platforms which are consistently monitored and upgraded using current cyber security best practices.

It’s not the first time Trump’s operations have been lax with cybersecurity measures. In August, The Register reported that his online merchandise store didn’t use HTTPS connections, thereby potentially exposing customers’ transaction details to hackers who might be snooping on users on the same network. It’s clear that Trump needs to get his house in order before pointing the finger at his opponents.

Donald Trump Is Running Some Really Insecure Email Servers on Motherboard

Read next: These videos painfully show how most people actually use their GoPro