UK Labour Party blames breach of members’ data on third-party cyberattack

Please wait 0 seconds...
Scroll Down and click on Go to Link
Congrats! Link is Generated

The U.K.’s Labour Party has confirmed a cyberattack on a third-party company has led to the compromise of members’ data.

In an email sent to all party members and posted to its website, Labour said it was informed of a “cyber incident” by an unnamed third-party data processor on October 29.

Details remain thin, but Labour said the incident led to “a significant quantity of party data being rendered inaccessible on their systems.” A person responding to the incident told Sky News that the incident was a ransomware attack on Labour’s third-party supplier. Labour has yet to confirm this, and TechCrunch has asked for more.

The scale of the breach is also unclear and it’s not yet known what data has been compromised. Labour, which holds financial information on paying members, said that the affected data “includes information provided to the party by its members, registered and affiliated supporters, and other individuals who have provided their information.”

However, it appears a number of former and non-members were also impacted by the incident. One Twitter user claims they received the data breach notification despite having left the party in 2009, while others said they also received the email despite having never been a party member. Some say they are affected by the data breach, even though they aren’t Labour Party members, but paid the political fee as a member of a Labour-affiliated union.

Labour has about 430,000 members. The party’s statement said its investigation is underway. It’s also informed the National Crime Agency (NCA), the National Cyber Security Centre, and has informed the Information Commissioner’s Office (ICO).

A spokesperson for the NCA said: “The NCA is leading the criminal investigation into a cyber incident impacting on the Labour Party. We are working closely with partners to mitigate any potential risk and assess the nature of this incident.” The ICO — which recently urged U.K. political parties to improve data protection practices — has also confirmed that it is actively making inquiries into the incident.

The Labour Party said it was also working closely with the unnamed third-party supplier to “urgently investigate” the full nature, circumstance and impact of the incident. It stressed that its own data systems were unaffected in the attack.

The incident isn’t the first time that the Labour Party has been impacted by ransomware. Last year the party alerted members that data stored by company Blackbaud had been compromised in a ransomware attack. At the time, the party said it believed that information about donors over a period of several years had been compromised.

Post a Comment

Read also:
Flash Sale! Do Shopify customization or bug fixing. Get It Now
Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using AdBlock Extension in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your AdBlock Settings.
Site is Blocked
Sorry! This site is not available in your country.